Computer Security
[EN] no-pyccku

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulonerabilities
updated since 10.02.2008
SecurityVulns ID:8648
Threat Level:
Description:Multiple memory corruptions, input focus stealing, code execution, stored information corruption, directory traversal, information leaks, dialog spoffing.
Affected:MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
CVE:CVE-2008-0594 (Mozilla Firefox before does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.)
 CVE-2008-0593 (Gecko-based browsers, including Mozilla Firefox before and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.)
 CVE-2008-0592 (Mozilla Firefox before and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser.)
 CVE-2008-0591 (Mozilla Firefox before and Thunderbird before allows user-assisted remote attackers to cause users to confirm a timer-enabled security dialog by using a timer to change the window focus.)
 CVE-2008-0418 (Directory traversal vulnerability in Mozilla Firefox before, Thunderbird before, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.)
 CVE-2008-0414 (Mozilla Firefox before and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing.")
 CVE-2008-0412 (The browser engine in Mozilla Firefox before, Thunderbird before, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.)
Original documentdocumentcarl hardwick, [Full-disclosure] Firefox information leak vulnerability (11.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-11 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-10 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-09 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-08 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-06 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-05 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-04 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-03 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-02 (10.02.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-01 (10.02.2008)
Files:Firefox information leak vulnerability PoC

Linux kernel multiple security vulnerabilities
updated since 11.02.2008
SecurityVulns ID:8659
Threat Level:
Description:Kernel memory access with vmsplice syscall, access between virtual machines with /proc
Affected:LINUX : kernel 2.6
CVE:CVE-2008-0600 (The vmsplice_to_pipe function in Linux kernel 2.6.17 through does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.)
Original documentdocumentWojciech Purczynski, CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference (12.02.2008)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation (11.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod