Mozilla Patches Vulnerability

Grok Headline matches for Mozilla Patches Vulnerability

Mozilla / Mozilla Firefox User Interface
Spoofing Vulnerability

Mozilla / Mozilla Firefox User Interface
Spoofing Vulnerability 08/01/2004 10:04 AM

Direct and Related Links for 'Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability'

“A vulnerability has been reported in Mozilla and Mozilla Firefox, allowing malicious websites to spoof the user interface. The problem is that Mozilla and Mozilla Firefox don’t restrict websites from including arbitrary, remote XUL (XML User Interface Language) files. This can be exploited to “hijack” most of the user interface (including tool bars, SSL certificate dialogs, address bar and more), thereby controlling almost anything the user sees….A PoC (Proof of Concept) exploit for Mozilla Firefox…

Mozilla Patches Firefox Again

Mozilla Patches Firefox Again 03/24/2005 11:38 PM
TechTree Mar 25 2005 4:16AM GMT

Mozilla / Mozilla Firefox Vulnerability

Mozilla / Mozilla Firefox Vulnerability 09/18/2004 10:48 AM

Direct and Related Links for 'Mozilla / Mozilla Firefox Vulnerability'

“Software: Mozilla 0.x, Mozilla 1.0, Mozilla 1.1, Mozilla 1.2, Mozilla 1.3, Mozilla 1.4, Mozilla 1.5, Mozilla 1.6, Mozilla 1.7.x, Mozilla Firefox 0.x Description: WESTPOINT has reported a vulnerability in Mozilla / Mozilla Firefox, which potentially can be exploited by malicious people to conduct session fixation attacks. For more information: SA12341 Solution: Do not follow untrusted links.”…

Mozilla patches another Firefox hole

Mozilla patches another Firefox hole 03/27/2005 05:36 AM
Latest security news.

Mozilla Patches Security Hole

Mozilla Patches Security Hole 07/09/2004 06:14 PM

HP Patches Tru64 Unix Vulnerability

HP Patches Tru64 Unix Vulnerability 01/17/2004 10:53 PM
Hewlett-Packard recently discovered and patched a potential hole in its Tru64 Unix OS that could have provided unauthorized access or a denial-of-service attack.

Microsoft Patches 'Critical' ASN.1
Vulnerability

Microsoft Patches 'Critical' ASN.1
Vulnerability 02/10/2004 04:03 PM
Buffer overflows could give malicious hackers complete control of unpatched machines.

Apple Patches App-Launching
Vulnerability in Mac OS X

Apple Patches App-Launching
Vulnerability in Mac OS X 06/07/2004 08:31 PM
The company plugs another security vulnerability in its OS X operating system. The new patch addresses vulnerabilities when launching documents and applications from a Web page.

Apple patches vulnerability in Safari

Apple patches vulnerability in Safari 05/21/2004 06:53 PM

Mozilla Patches Firefox Hole (PC World)

Mozilla Patches Firefox Hole (PC World) 03/23/2005 05:29 PM
PC World - Foundation denies that the browser is attracting more hackers as it gains market share.

Apple patches vulnerability in Safari
(MacCentral)

Apple patches vulnerability in Safari
(MacCentral) 05/21/2004 07:05 PM
MacCentral - Apple Computer Inc. issued an update on Friday to fix a reported security hole in its Safari Web Browser. The venerability, which was classified as "Extremely Critical" by security firm Secunia, allowed the execution of malicious code on the users computer.

Mozilla patches Firefox image handling
flaw

Mozilla patches Firefox image handling
flaw 03/26/2005 05:41 AM
Today's bug patches and security alerts:

Mozilla/Netscape Vulnerability

Mozilla/Netscape Vulnerability 08/03/2004 10:28 AM
Zzen-parse has reported a vulnerability in Mozilla and Netscape, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow within the SOAPParameter object's constructor. This can e.g. be exploited via a malicious web page containing specially crafted javascript. This has been reported in Mozilla 1.6, and Netscape 7.0 and 7.1. Prior versions may also be affected.

Affected Mozilla/Netscape Web browsers:

• Mozilla 0.x
  
• Mozilla 1.0 to 1.6
  
• Netscape 7.x

Firefox 0.9 onwards is not affected; all users of the older versions are advised to upgrade the newer releases.
View: Bugzilla Bug 236618
News source: Secunia

Read full story...

Netscape/Mozilla Vulnerability

Netscape/Mozilla Vulnerability 08/02/2004 05:32 PM

Direct and Related Links for 'Netscape/Mozilla Vulnerability'

“Improper input validation to the SOAPParameter object constructor in Netscape and Mozilla allows execution of arbitrary code. The SOAPParameter object’s constructor contains an integer overflow which allows controllable heap corruption. A web page can be constructed to leverage this into remote execution of arbitrary code….Netscape version 7.0 and 7.1 have been confirmed to be vulnerable. Mozilla 1.6 is also vulnerable to this issue. It is suspected that earlier versions of both browsers may also be…

Mozilla UI Spoofing Vulnerability

Mozilla UI Spoofing Vulnerability 07/31/2004 05:32 AM

Mozilla moves to fix security
vulnerability

Mozilla moves to fix security
vulnerability 07/09/2004 11:56 AM
The Mozilla Foundation has urged users of its open-source Mozilla Application Suite, Firefox browser and Thunderbird e-mail client to download a small patch to work around a security vulnerability discovered Thursday.

Mozilla User Interface Spoofing
Vulnerability

Mozilla User Interface Spoofing
Vulnerability 07/31/2004 07:22 PM
A vulnerability has been reported in Mozilla and Mozilla Firefox, allowing malicious websites to spoof the user interface. The problem is that Mozilla and Mozilla Firefox don't restrict websites from including arbitrary, remote XUL (XML User Interface Language) files. This can be exploited to "hijack" most of the user interface (including tool bars, SSL certificate dialogs, address bar and more), thereby controlling almost anything the user sees.

The Mozilla user interface is built using XUL files. A PoC (Proof of Concept) exploit for Mozilla Firefox has been published. The PoC spoofs a SSL secured PayPal website. This has been confirmed using Mozilla 1.7 for Linux, Mozilla Firefox 0.9.1 for Linux, Mozilla 1.7.1 for Windows and Mozilla Firefox 0.9.2 for Windows. Prior versions may also be affected.

View: Mozilla Bug 244965
News source: Secunia

Read full story...

Mozilla Thunderbird Drag and Drop
Vulnerability

Mozilla Thunderbird Drag and Drop
Vulnerability 03/24/2005 04:03 AM
“Secunia Advisory: SA14671 Critical: Less critical Impact: Manipulation of data Where: From remote Solution Status: Vendor Patch Software: Mozilla Thunderbird 0.x, Mozilla Thunderbird 1.x A vulnerability has been reported in Thunderbird, which can be exploited by malicious people to plant malware on a user’s system. For more information: SA14160 Solution: Update to version 1.0.2. http://www.mozilla.org/products/thunderbird/ Full article: Secunia Advisory: SA14671…

Direct and Related Links for 'Mozilla Thunderbird Drag and Drop Vulnerability'

Timeline of Mozilla shell: Security
Vulnerability

Timeline of Mozilla shell: Security
Vulnerability 07/09/2004 10:04 PM

Notes and Tips: Mozilla-family
Vulnerability

Notes and Tips: Mozilla-family
Vulnerability 04/06/2005 12:19 PM
Any of the Mozilla-family browsers (including Firefox and Camino) may be coerced into revealing sensitive information in memory; here's a test...

Mozilla / Firefox Memory Exposure
Vulnerability

Mozilla / Firefox Memory Exposure
Vulnerability 04/04/2005 06:23 PM
Slashdot Apr 4 2005 8:57PM GMT

Mozilla / Firefox Certificate Store
Corruption Vulnerability

Mozilla / Firefox Certificate Store
Corruption Vulnerability 07/19/2004 03:17 PM

Direct and Related Links for 'Mozilla / Firefox Certificate Store Corruption Vulnerability'

“Marcel Boesch has reported a vulnerability in Mozilla and Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).”…

Mozilla Thunderbird GIF Image Processing
Buffer Overflow Vulnerability

Mozilla Thunderbird GIF Image Processing
Buffer Overflow Vulnerability 03/24/2005 02:15 PM
“Secunia Advisory: SA14685 Critical: Highly critical Impact: System access Where: From remote Solution Status: Vendor Patch Software: Mozilla Thunderbird 0.x, Mozilla Thunderbird 1.x Mark Dowd has reported a vulnerability in Thunderbird, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error in the GIF image processing of Netscape extension 2 blocks and can be exploited to cause a heap-based buffer overflow via a specially…

D irect and Related Links for 'Mozilla Thunderbird GIF Image Processing Buffer Overflow Vulnerability'

Mozilla Firefox JavaScript Engine
Information Disclosure Vulnerability

Mozilla Firefox JavaScript Engine
Information Disclosure Vulnerability 04/05/2005 01:58 AM
Secunia Advisory: SA14820 Critical: Moderately critical Impact: Exposure of system information, Exposure of sensitive information Where: From remote Solution Status: Unpatched Software: Mozilla Firefox 0.x, Mozilla Firefox 1.x A vulnerability has been discovered in Mozilla Firefox, which can be exploited by malicious people to gain knowledge of potentially sensitive information. The vulnerability is caused due to an error in the JavaScript engine, as a “lambda” replace exposes arbitrary amounts of heap memory after the end…

D irect and Related Links for 'Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability'

Fix for URL Spoofing Security
Vulnerability Checked in to Mozilla
Trunk and 1.6 Branch

Fix for URL Spoofing Security
Vulnerability Checked in to Mozilla
Trunk and 1.6 Branch 01/07/2004 07:08 PM

VMware GSX Server and ESX Server OpenSSL
vulnerability patches

VMware GSX Server and ESX Server OpenSSL
vulnerability patches 10/31/2003 03:01 PM
VMware (Oct 31 2003)

Vulns: Mozilla Browser Input Type HTML
Tag Unauthorized Access Vulnerability

Vulns: Mozilla Browser Input Type HTML
Tag Unauthorized Access Vulnerability 08/08/2004 03:46 PM
SecurityFocus Aug 8 2004 8:17PM GMT

Mozilla 1.7.1, Mozilla Firefox 0.9.2 and
Mozilla Thunderbird 0.7.2 Released

Mozilla 1.7.1, Mozilla Firefox 0.9.2 and
Mozilla Thunderbird 0.7.2 Released 07/08/2004 08:25 PM

Microsoft: Patches, Patches Everywhere!

Microsoft: Patches, Patches Everywhere! 12/10/2003 06:41 PM
Slashdot Dec 10 2003 5:39PM ET

Microsoft: Patches, Patches Everywhere!

Microsoft: Patches, Patches Everywhere! 12/10/2003 05:27 PM
Ridgelift writes "Even though Microsoft's recently announce they would not be issuing any new patches for the month of December, the boys at Redmond were ...

Introduction to Mozilla Firefox and
Mozilla Thunderbird for IE and Outlook
Express Users

Introduction to Mozilla Firefox and
Mozilla Thunderbird for IE and Outlook
Express Users 04/14/2005 04:08 PM

Comparative Mail Client Review Includes
Mozilla 1.6 and Mozilla Thunderbird 0.5

Comparative Mail Client Review Includes
Mozilla 1.6 and Mozilla Thunderbird 0.5 03/06/2004 01:59 AM

Yahoo! News Tech Tuesday Recommends
Mozilla 1.6 and Mozilla Thunderbird

Yahoo! News Tech Tuesday Recommends
Mozilla 1.6 and Mozilla Thunderbird 02/17/2004 11:55 PM

Mozilla Firebird and Mozilla Thunderbird
Hottest Picks in UK 'Linux Format'

Mozilla Firebird and Mozilla Thunderbird
Hottest Picks in UK 'Linux Format' 02/10/2004 02:40 AM

Mozilla Staff Seeking Volunteer to Set
Up and Manage mozilla.org News Server

Mozilla Staff Seeking Volunteer to Set
Up and Manage mozilla.org News Server 04/25/2004 08:41 PM

Mozilla Firefox Convert Robin Bloor
Switches to Mozilla Thunderbird

Mozilla Firefox Convert Robin Bloor
Switches to Mozilla Thunderbird 04/21/2004 05:07 PM

Future of the Mozilla Application Suite:
No Official Mozilla 1.8, Community
Transition Plan Unveiled

Future of the Mozilla Application Suite:
No Official Mozilla 1.8, Community
Transition Plan Unveiled 03/14/2005 06:05 PM

Gecko 1.8, Mozilla Firefox 1.1 and
Mozilla Thunderbird 1.1 Release Plans

Gecko 1.8, Mozilla Firefox 1.1 and
Mozilla Thunderbird 1.1 Release Plans 03/31/2005 08:53 AM

Mozilla / Mozilla Firefox Download
Dialog Source Spoofing

Mozilla / Mozilla Firefox Download
Dialog Source Spoofing 01/04/2005 11:22 AM
Description: Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited by malicious people to spoof the source displayed in the Download Dialog box. The problem is that long sub-domains and paths aren’t displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box. The vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and…

Direct and Related Links for 'Mozilla / Mozilla Firefox Download Dialog Source Spoofing'

Grok Description matches for Mozilla Patches Vulnerability
GrokA matches for Mozilla Patches Vulnerability

Mozilla Patches Vulnerability

The following phrases have been identified by the grok system as matching this entry: