|Paid content will be excluded from the download.
| Matches : 1924
Security researchers Tyson Smith and JesseSchwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a mechanism where inserting an ordered list into a document through script could lead to a potentially exploitable crash that can be triggered by web content.
Firefox user Sijie Xia reported that if a user explicitly removes the trust for extended validation (EV) capable root certificates in the certificate manager, the change is not properly used when validating EV certificates, causing the setting to be ignored. This removes the ability of users to explicitly untrust root certificates from specific certificate authorities.
Security researchers Tyson Smith and JesseSchwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a user-after-free in the functions for synthetic mouse movement handling. Security researcher Atte Kettunen from OUSPG also reported a variant of the same flaw. This issue leads to a potentially exploitable crash.
Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla's root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la scurit des systmesd" information (ANSSI), an agency of the French government and a certificate authority in Mozilla's root program. A subordinate certificate ...
The host is missing a security update according to Adobe advisory, APSB14-19. The update is required to fix sandbox bypass vulnerability. The flaws are present in the applications, which fail to properly handle unspecified vectors. Successful exploitation allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context.
The host is missing a critical security update according to Microsoft security bulletin, MS13-099. The update is required to fix remote code execution vulnerability. The flaw is present in Microsoft Scripting Runtime Object Library, which fails to handle a website that hosts specially crafted content. Successful exploitation allows attackers to install programs; view, change, or delete data; or cr ...
The host is missing an important security update according to Microsoft security bulletin, MS14-044. The update is required to fix multiple elevation of privilege vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to stop responding until a manual reboot is initiated.
Pages:      Start    168    169    170    171    172    173    174    175    176    177    178    179    180    181    ..   192
© 2013 SecPod Technologies