[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26831 Download | Alert*

The host is installed with Apple iTunes through 12.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle issues in memory handling. Successful exploitation allows attackers to cause arbitrary code execution or denial of service via a crafted web site.

The host is installed with Apple iTunes through 12.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle issues in memory handling. Successful exploitation allows attackers to cause arbitrary code execution or denial of service via a crafted web site.

Mozilla Firefox ESR 102.8, Mozilla Thunderbird 102.8 : Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Thunderbird 102.8 : If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack.

Mozilla Thunderbird 68.10: If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker.

Mozilla Thunderbird 60.5: A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash.

Mozilla Thunderbird 60.5: A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again.

Mozilla Thunderbird 91.3 : Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.

Mozilla Thunderbird 102.9.1: Thunderbird users who use the Matrix chat protocol were vulnerable to a denial-of-service attack.

Mozilla Thunderbird 102.7.1: The host is installed with Mozilla Thunderbird 68.x before 102.7.1 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to make the Mail signed with a revoked certificate to be displayed as having a valid signature.


Pages:      Start    1496    1497    1498    1499    1500    1501    1502    1503    1504    1505    1506    1507    1508    1509    ..   2683

© SecPod Technologies