Download
| Alert*
oval:org.secpod.oval:def:700249
Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the progra ... oval:org.secpod.oval:def:700507 xulrunner-1.9.1: XUL + XPCOM application runner Multiple xulrunner-1.9.1 vulnerabilities oval:org.secpod.oval:def:202850 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox sanitized HTML content in extensions. If an extension loaded or rendered malicious content using the ParanoidFragmentSink class, it could fail to saf ... oval:org.secpod.oval:def:202846 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox sanitized HTML content in extensions. If an extension loaded or rendered malicious content using the ParanoidFragmentSink class, it could fail to saf ... oval:org.secpod.oval:def:38582 The host is installed with Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14 or Mozilla SeaMonkey before 2.0.12 and is prone to a buffer overflow vulnerability. A flaw is present in the applications which fails to properly handle long string that triggers construction of a long text run. Success ... oval:org.secpod.oval:def:38583 The host is missing a critical security update according to Mozilla advisory, MFSA2011-07. A flaw is present in the applications which fails to properly handle long string that triggers construction of a long text run. Successful exploitation allow remote attackers to execute arbitrary code or cause ... oval:org.secpod.oval:def:1503558 Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severit ... oval:org.secpod.oval:def:300422 Cross-site request forgery vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different w ... oval:org.secpod.oval:def:500011 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox sanitized HTML content in extensions. If an extension loaded or rendered malicious content using the ParanoidFragmentSink class, it could fail to saf ... oval:org.secpod.oval:def:306 The host is installed with Mozilla Firefox or SeaMonkey and is prone to buffer overflow vulnerability. A flaw is present in the applications which fails to properly construct the layout objects used to display the text. Successful exploitation allow remote attackers to run arbitrary code. |