exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2013-5616

Status Candidate

Overview

Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.

Related Files

Gentoo Linux Security Advisory 201504-01
Posted Apr 7, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201504-1 - Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 31.5.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-1741, CVE-2013-2566, CVE-2013-5590, CVE-2013-5591, CVE-2013-5592, CVE-2013-5593, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, CVE-2013-5598, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5603, CVE-2013-5604, CVE-2013-5605, CVE-2013-5606, CVE-2013-5607, CVE-2013-5609, CVE-2013-5610, CVE-2013-5612, CVE-2013-5613, CVE-2013-5614, CVE-2013-5615, CVE-2013-5616, CVE-2013-5618, CVE-2013-5619
SHA-256 | 5799f785190a4af15c846f0050efac6e2cdd60ccce19b768508224bebe1b50bb
Red Hat Security Advisory 2013-1823-01
Posted Dec 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1823-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird rendered web content with missing character encoding information. An attacker could use this flaw to possibly bypass same-origin inheritance and perform cross site-scripting attacks.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2013-5609, CVE-2013-5612, CVE-2013-5613, CVE-2013-5614, CVE-2013-5616, CVE-2013-5618, CVE-2013-6671
SHA-256 | 4936eb4d9515b188a6ff8615a5c50dd5e077108e198ef10ffaf3a322a8dfbe7f
Ubuntu Security Notice USN-2053-1
Posted Dec 12, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2053-1 - Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Tyson Smith and Jesse Schwartzentruber discovered a use-after-free in event listeners. If a user had enabled scripting, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-5609, CVE-2013-5616, CVE-2013-5618, CVE-2013-6671, CVE-2013-6673, CVE-2013-5613, CVE-2013-5615, CVE-2013-5609, CVE-2013-5613, CVE-2013-5615, CVE-2013-5616, CVE-2013-5618, CVE-2013-6629, CVE-2013-6630, CVE-2013-6671, CVE-2013-6673
SHA-256 | 5159e7e7049d07c70b2c77d71de23572e9d141a50325c9e5342c445e96450dd1
Ubuntu Security Notice USN-2052-1
Posted Dec 12, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2052-1 - Ben Turner, Bobby Holley, Jesse Ruderman, Christian Holler and Christoph Diehl discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Myk Melez discovered that the doorhanger notification for web app installation could persist between page navigations. An attacker could potentially exploit this to conduct clickjacking attacks. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-5611, CVE-2013-5612, CVE-2013-5614, CVE-2013-5616, CVE-2013-5618, CVE-2013-5619, CVE-2013-6671, CVE-2013-6672, CVE-2013-6673, CVE-2013-5613, CVE-2013-5615, CVE-2013-5609, CVE-2013-5610, CVE-2013-5611, CVE-2013-5612, CVE-2013-5613, CVE-2013-5614, CVE-2013-5615, CVE-2013-5616, CVE-2013-5618, CVE-2013-5619, CVE-2013-6629, CVE-2013-6630, CVE-2013-6671, CVE-2013-6672, CVE-2013-6673
SHA-256 | f5392ed2aec4c1a38337707139196b135dfb0210fd9d2c93db8ff4b5a38a983e
Red Hat Security Advisory 2013-1812-01
Posted Dec 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1812-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to terminate unexpectedly or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox rendered web content with missing character encoding information. An attacker could use this flaw to possibly bypass same-origin inheritance and perform cross-site scripting attacks.

tags | advisory, web, arbitrary, xss
systems | linux, redhat
advisories | CVE-2013-5609, CVE-2013-5612, CVE-2013-5613, CVE-2013-5614, CVE-2013-5616, CVE-2013-5618, CVE-2013-6671
SHA-256 | 040943e2a4cdfeb053110f692259e15bb3c72d087ba11c91c00263aeb9430f21
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close