Debian Linux Security Advisory 3688-1 - Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project.
b93966cf45b459b94721e41f799657ce1d921ea91d32c39e7fe841f2d97f11e7Debian Linux Security Advisory 3410-1 - Multiple security issues have been found in Icedove, Debian's version of integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.
c4d03a712c3b367a9fc290b0a72f11c5be169a10a74c8653d379d55399f41c23Ubuntu Security Notice 2819-1 - Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Tyson Smith and David Keeler discovered a use-after-poison and buffer overflow in NSS. An attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
a311c779f9fd27a3a7bb5fd804f6f177902aee369fc6236ab5b3d629b731ef65Red Hat Security Advisory 2015-2068-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.
fe60a25cea587409eb3e69819ff10f018734fe33d7f5c69935f661f1071aa61dSlackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
9b0befe56f80c153f34a19aac88a216bf782f29de0d132c69ac59ecc057a73b1Debian Linux Security Advisory 3393-1 - Multiple security issues have been found in Iceweasel, Debian's version integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service.
72e5c1890f7f8850f396383ff3d6fc35d3f3f513b99e26e855a9949cd694801aUbuntu Security Notice 2785-1 - Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, Gary Kwong, Andrew McCreight, Georg Fritzsche, and Carsten Book discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
dbba07af115f849b37a270b8478366a007822e4f6fb2d26a2d111c4d90b83109Ubuntu Security Notice 2791-1 - Tyson Smith and David Keeler discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.
048510c419c7f8a7894fe20fe051b1e0b56ac2b48d823b93cdb831c44e100f2aRed Hat Security Advisory 2015-1981-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.
f218558d94300f2eeece5fe28759616cde41313ce2bbebe7fd77469b034c87e4Red Hat Security Advisory 2015-1980-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.
8cfcb360352e3c75f30ec51f7bbd0be2d86035b626fb9ea84115b65545e233f8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed