[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195521

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1796 Download | Alert*

Security researcher Sachin Shinde reported that moving certain XBL-backed nodes from a document into the replacement document created by document.open() can cause a JavaScript compartment mismatch which can often lead to exploitable conditions. Starting with Firefox 20 this condition was turned into a run-time assertion that would crash the browser in an unexploitable way, and in Firefox 24 th ...

Security researcher Aki Helin reported that combining lists, floats, and multiple columns could trigger a potentially exploitable buffer overflow.

Security researcher Nils reported two potentially exploitable memory corruption bugs involving scrolling. The first was a use-after-free condition due to scrolling an image document. The second was due to nodes in a range request being added as children of two different parents.

Mozilla developer Boris Zbarsky reported that user-defined getters on DOM proxies would incorrectly get the expando object as this . It is unlikely that this is directly exploitable but could lead to JavaScript client or add-on code making incorrect security sensitive decisions based on hacker supplied values.

The host is missing a critical security update according to Adobe advisory, APSB12-02. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute arbitrary code.

The host is missing an update according to Apple advisory APPLE-SA-2012-09-05-1. The update is required to fix Unspecified vulnerability. A flaw is present in the application, which fail to handle malicious input. Successful exploitation could allow attackers to execute arbitrary code.

The host is missing important security update according to Apple advisory, APPLE-SA-2013-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute arbitrary code with the privileges of the current user.

The host is missing important security update according to Apple advisory, APPLE-SA-2013-02-19-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute arbitrary code with the privileges of the current user.

The host is missing a security update according to Apple advisory, APPLE-SA-2013-03-04-1. The update is required to fix multiple arbitrary code execution vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted applet or Web Start application. Successful exploitation allows attackers to cause arbitrary code to be executed on the target user's system.

The host is missing a security update according to Apple advisory, APPLE-SA-2013-03-06-1. The update is required to fix multiple arbitrary code execution vulnerabilities. The flaws are present in the application, which fails to handle the web plug-in blocking mechanism. Successful exploitation allows attackers to cause arbitrary code to be executed on the target user's system.


Pages:      Start    65    66    67    68    69    70    71    72    73    74    75    76    77    78    ..   179

© SecPod Technologies