Download
| Alert*
|
oval:org.secpod.oval:def:700249
Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the progra ... oval:org.secpod.oval:def:700507 xulrunner-1.9.1: XUL + XPCOM application runner Multiple xulrunner-1.9.1 vulnerabilities oval:org.secpod.oval:def:600210 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSi ... oval:org.secpod.oval:def:600209 Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSink was incomplete. CVE-2011-0053 Crashes in the layout engine may lead to the executio ... oval:org.secpod.oval:def:202871 SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled dialog boxes. An attacker could use this flaw to create a malicious web page that would present a blank dialog box that has non-functioning buttons. If ... oval:org.secpod.oval:def:202863 SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled dialog boxes. An attacker could use this flaw to create a malicious web page that would present a blank dialog box that has non-functioning buttons. If ... oval:org.secpod.oval:def:600181 Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSink was incomplete. CVE-2011-0051 Zach Hoffmann discovered that incorrect parsing of recursive ev ... oval:org.secpod.oval:def:202850 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox sanitized HTML content in extensions. If an extension loaded or rendered malicious content using the ParanoidFragmentSink class, it could fail to saf ... oval:org.secpod.oval:def:202846 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox sanitized HTML content in extensions. If an extension loaded or rendered malicious content using the ParanoidFragmentSink class, it could fail to saf ... oval:org.secpod.oval:def:38584 The host is installed with Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14 or Mozilla SeaMonkey before 2.0.12 and is prone to a cross-site request forgery vulnerability. A flaw is present in the applications which fails to properly handle requests initiated by a plugin. Successful exploitation ... oval:org.secpod.oval:def:500210 SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled dialog boxes. An attacker could use this flaw to create a malicious web page that would present a blank dialog box that has non-functioning buttons. If ... oval:org.secpod.oval:def:38585 The host is missing a critical security update according to Mozilla advisory, MFSA2011-10. A flaw is present in the applications which fails to properly handle requests initiated by a plugin. Successful exploitation allow remote attackers to hijack the authentication of arbitrary users. oval:org.secpod.oval:def:1503558 Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severit ... oval:org.secpod.oval:def:300422 Cross-site request forgery vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different w ... oval:org.secpod.oval:def:500011 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the way Firefox sanitized HTML content in extensions. If an extension loaded or rendered malicious content using the ParanoidFragmentSink class, it could fail to saf ... oval:org.secpod.oval:def:307 The host is installed with Mozilla Firefox or SeaMonkey and is prone to cross-site request forgery vulnerability. A flaw is present in the applications which fails to properly handle requests that were initiated by a plugin and receive a 307 redirect to a page on a different web site. Successful exp ... |
