[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 790 Download | Alert*

Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla's root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la scurit des systmesd" information (ANSSI), an agency of the French government and a certificate authority in Mozilla's root program. A subordinate certificate ...

Security researcher Nils used the Address Sanitizer tool while fuzzing to discover missing strong references in browsing engine leading to use-after-frees. This can lead to a potentially exploitable crash.

Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash.

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a user-after-free when interacting with HTML document templates. This leads to a potentially exploitable crash.

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

Security researcher Jordi Chancel discovered a method to put arbitrary HTML content within <select> elements and place it in arbitrary locations. This can be used to spoof the displayed addressbar, leading to clickjacking and other spoofing attacks.

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an access violation due to uninitialized data during Extensible Stylesheet Language Transformation (XSLT) processing. This leads to a potentially exploitable crash.

Compiler Engineer Dan Gohman of Google discovered a flaw in the JavaScript engine where memory was being incorrectly allocated for some functions and the calls for allocations were not always properly checked for overflow, leading to potential buffer overflows. When combined with other vulnerabilities, these flaws could be potentially exploitable.

Mozilla community member Ezra Pool reported a potentially exploitable crash on extremely large pages. This was caused when a cycle collected image object was released on the wrong thread during decoding, creating a race condition.

Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash.


Pages:      Start    14    15    16    17    18    19    20    21    22    23    24    25    26    27    ..   78

© SecPod Technologies