[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247213

 
 

909

 
 

194329

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 31005 Download | Alert*

Mozilla Thunderbird 78.12 : If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't ...

Mozilla Thunderbird 78.7 : During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session.

The host is installed with Apple iTunes before 11.0.3.42 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation could allow attackers to crash the service or execute arbitrary code.

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, Apple Safari before 5.0.6 or Apple iTunes before 10.5, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing ...

Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.

The host is installed with Apple iTunes before 11.0.3 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly verify X.509 certificates. Successful exploitation could allow attackers to spoof HTTPS servers via an arbitrary certificate.

The host is installed with Apple iTunes before 8.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long URL component after a colon. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is installed with Apple iTunes before 10.6.3 and is prone to heap buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted .m3u playlist. Successful exploitation could allow attackers to crash the service.

The host is installed with Apple QuickTime before 7.7.1 or Apple iTunes before 10.5 and is prone to an buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with H.264 encoding. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is installed with Apple Safari before 5.0.5 or Apple iTunes before 10.5 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, as it fails to handle TIFF images. Successful exploitation could allow attackers to execute arbitrary code or crash the service.


Pages:      Start    1674    1675    1676    1677    1678    1679    1680    1681    1682    1683    1684    1685    1686    1687    ..   3100

© SecPod Technologies