|Paid content will be excluded from the download.
| Matches : 772
|The host is missing a security update according to Apple advisory, APPLE-SA-2014-02-25-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain crafted vectors in a movie file. Successful exploitation allows attackers to cause a denial of service or an application crash.
The host is missing a critical security update according to Adobe advisory, APSB11-23. The update is required to fix a cross site scripting vulnerability. A flaw is present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to inject arbitrary code.
Mozilla developers and community identified identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a buffer overflow during interaction with the Web Audio buffer for playback because of an error in the the amount of allocated memory for buffers. This leads to a potentially exploitable crash with some audio content.
Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a use-after-free in Web Audio due to an issue with how control messages for Web Audio are ordered and processed. This leads to a potentially exploitable crash.
Mozilla community member James Kitchener reported a crash in DirectWrite when rendering MathML content with specific fonts due to an error in how font resources and tables are handled. This leads to use-after-free of a DirectWrite font-face object, resulting in a potentially exploitable crash.
Security researcher Jethro Beekman of the University of California, Berkeley reported a crash when the FireOnStateChange event is triggered in some circumstances. This leads to a use-after-free and a potentially exploitable crash when it occurs.
Security researchers Tyson Smith and Jesse Schwartzentruber used the Address Sanitizer tool while fuzzing to discover a use-after-free error resulting in a crash. This is a result of a pair of NSSCertificate structures being added to a trust domain and then one of them is removed while they are still in use by the trusted cache. This crash is potentially exploitable. This issue was addressed ...
Mozilla community member John reported a crash in the Skia library when scaling high quality images if the scaling operation takes too long. This is caused by the image data being discarded while still in use by the scaling operation. This crash is potentially exploitable on some systems.
Pages:      Start    65    66    67    68    69    70    71    72    73    74    75    76    77    ..   77
© 2013 SecPod Technologies