[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26616 Download | Alert*

The host is installed with Google Chrome before 35.0.1916.114 and is prone to an UI spoofing vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to spoof the UI by extending scrollbar painting into the parent frame.

The host is installed with Google Chrome before 38.0.2125.101 or Apple iTunes before 12.2 and is prone to an use-after-free vulnerability. The flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to cause a denial of service or possibly have unspecified other impact.

Mozilla Thunderbird 68.10: If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker.

Mozilla Thunderbird 60.5: A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash.

Mozilla Thunderbird 60.5: A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again.

Mozilla Thunderbird 91.3 : Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.

Mozilla Firefox ESR 78.9 and Mozilla Thunderbird 78.9: An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited.

Mozilla Thunderbird before 78.8.1: Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state.

Mozilla Thunderbird before 78.9.1: Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the c ...

Mozilla Thunderbird before 78.9.1: When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search p ...


Pages:      Start    1476    1477    1478    1479    1480    1481    1482    1483    1484    1485    1486    1487    1488    1489    ..   2661

© SecPod Technologies