[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1025 Download | Alert*

The host is missing a critical security update according to Mozilla advisory, MFSA2014-91. A flaw is present in the applications which fails to properly handle a Chrome Object Wrapper. Successful exploitation allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.

The host is missing a security update according to MFSA 2014-88. The update is required to fix a stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted media content. Successful exploitation allows attackers to execute arbitrary code.

The host is missing a security update according to MFSA 2014-89. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.

Mozilla developer Patrick McManus reported a method to use SPDY or HTTP/2 connection coalescing to bypass key pinning on different sites that resolve to the same IP address.This could allow the use of a fraudulent certificate when a saved pin for that subdomain should have prevented the connection. This leads to possible man-in-the-middle attacks if an attacker has control of the DNS connection a ...

The host is missing a security update according to MFSA 2014-83. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code.

The host is missing a security update according to MFSA 2014-84. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle an XBL binding. Successful exploitation allows attackers to bypass intended access restrictions.

The host is missing a security update according to MFSA 2014-85. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to handle a crafted JavaScript object. Successful exploitation allows attackers to cause a denial of service (application crash).

The host is missing a security update according to MFSA 2014-86. The update is required to fix an information disclosure vulnerability. A flaw is present in the path strings in CSP violation reports, which fail to handle a crafted a web site that receives a report after a redirect. Successful exploitation allows attackers to obtain sensitive information.

The host is missing a security update according to MFSA 2014-87. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle a addition of a second root element to an HTML5 document during parsing. Successful exploitation allows attackers to execute arbitrary code.

Google security researcher Michal Zalewski reported that when a malformed GIF image is repeatedly rendered within a canvas element, memory may not always be properly initialized. The resulting series of images then uses this uninitialized memory during rendering, allowing data to potentially leak to web content.


Pages:      Start    87    88    89    90    91    92    93    94    95    96    97    98    99    100    ..   102

© 2013 SecPod Technologies