[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 790 Download | Alert*

Security researcher Holger Fuhrmannek discovered an out-of-bounds read during the creation of an audio timeline in Web Audio. This results in a crash and could allow for the reading of random memory values.

Security researcher regenrecht reported, via TippingPoint"s Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution.

Antoine Delignat-Lavaud , security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA ...

Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a buffer overflow when making capitalization style changes during CSS parsing. This can cause a crash that is potentially exploitable.

Security researcher Holger Fuhrmannek used the used the Address Sanitizer tool to discover an out-of-bounds read issue with Web Audio when interacting with custom waveforms with invalid values. This results in a crash and could allow for the reading of random memory which may contain sensitive data, or of memory addresses that could be used in combination with another bug.

Using the Address Sanitizer tool, security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team found an out-of-bounds write when buffering WebM format video containing frames with invalid tile sizes. This can lead to a potentially exploitable crash during WebM video playback.

Security researcher regenrecht reported, via TippingPoint"s Zero Day Initiative, a use-after-free during text layout when interacting with text direction. This results in a crash which can lead to arbitrary code execution.

Mozilla developer Patrick McManus reported a method to use SPDY or HTTP/2 connection coalescing to bypass key pinning on different sites that resolve to the same IP address.This could allow the use of a fraudulent certificate when a saved pin for that subdomain should have prevented the connection. This leads to possible man-in-the-middle attacks if an attacker has control of the DNS connection an ...

Mozilla developers Eric Shepherd and Jan-Ivar Bruaroey reported issues with privacy and video sharing using WebRTC. Once video sharing has started within a WebRTC session running within an <iframe> , video will continue to be shared even if the user selects the &quote;Stop Sharing" button in the controls. The camera will also remain on even if the user navigates to another site and will ...


Pages:      Start    10    11    12    13    14    15    16    17    18    19    20    21    22    23    ..   78

© SecPod Technologies