VMware Security Advisory - Service console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR) are updated to versions nss-3.12.3.99.3-1.2157 and nspr-4.7.6-1.2213 respectively. This patch fixes several security issues in the service console packages for NSS and NSPR.
750bfc5b2e28a67af487861fbcc96e099b1881a6cbe999078d4626cf32cfde37Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in firefox 3.0.x.
d427b7335ca3b2bd0e78ec0908a1797eb3e8671e91a8ae002fc03da4802fb66bMandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.
4addcca5fafa803913097baa6c63f7a85816ac4e4393a557c0051bbed68d1b5bUbuntu Security Notice 853-1 - Various vulnerabilities in Firefox and XULRunner have been addressed.
f50fa4b2a88547c5439a7c01db10ed6b6670dedefe78df956584118149cf91abMandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in Firefox 3.0.x. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.
81cd4ae6c0e4a6fbd63e6be6811775c38ed6270fdf26efb68f1373d24354eb81Debian Linux Security Advisory 1922-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
a220a510e52acdc35e63b91c7fafa29b451ce1d41d75745b324d947eec52a426Remote exploitation of a buffer overflow in the Mozilla Foundation's libpr0n image processing library allows attackers to execute arbitrary code. The libpr0n GIF parser was designed using a state machine which is represented as a series of switch/case statements. One particularly interesting state, 'gif_image_header', is responsible for interpreting a single image/frame description record. A single GIF file may contain many images, each with a different color map associated. The problem lies in the handling of changes to the color map of subsequent images in a multiple-image GIF file. Memory reallocation is not managed correctly and can result in an exploitable heap overflow condition. iDefense confirmed the existence of this vulnerability using Mozilla Firefox versions 3.0.13 and 3.5.2 on 32-bit Windows XP SP3. Other versions, and potentially other applications using libpr0n, are suspected to be vulnerable.
2586d2a113c390f692bd4a3a7b5d2efa7e97552fe0c5a23297e4dd9eebfa000a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed