|
|
Subscribe / Log in / New account

mozilla: multiple vulnerabilities

Package(s):iceweasel firefox thunderbird seamonkey CVE #(s):CVE-2015-0817 CVE-2015-0818
Created:March 23, 2015 Updated:April 1, 2015
Description: From the Debian advisory:

CVE-2015-0817: ilxu1a reported a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation (JIT) and its management of bounds checking for heap access. This flaw can be leveraged into the reading and writing of memory allowing for arbitrary code execution on the local system.

CVE-2015-0818: Mariusz Mlynski discovered a method to run arbitrary scripts in a privileged context. This bypassed the same-origin policy protections by using a flaw in the processing of SVG format content navigation.

Alerts:
Slackware SSA:2015-274-03 seamonkey 2015-10-01
Mageia MGASA-2015-0342 iceape 2015-09-08
Gentoo 201504-01 firefox 2015-04-07
Mageia MGASA-2015-0126 iceape 2015-04-03
CentOS CESA-2015:0718 firefox 2015-04-01
SUSE SUSE-SU-2015:0630-1 firefox 2015-03-30
openSUSE openSUSE-SU-2015:0636-1 seamonkey 2015-03-30
SUSE SUSE-SU-2015:0593-2 MozillaFirefox 2015-03-28
Arch Linux ASA-201503-21 firefox 2015-03-21
Scientific Linux SLSA-2015:0718-1 firefox 2015-03-25
Oracle ELSA-2015-0718 firefox 2015-03-25
openSUSE openSUSE-SU-2015:0607-1 firefox 2015-03-26
CentOS CESA-2015:0718 firefox 2015-03-25
CentOS CESA-2015:0718 firefox 2015-03-25
SUSE SUSE-SU-2015:0593-1 firefox 2015-03-25
Oracle ELSA-2015-0718 firefox 2015-03-24
Oracle ELSA-2015-0718 firefox 2015-03-24
Mageia MGASA-2015-0115 firefox 2015-03-24
Red Hat RHSA-2015:0718-01 firefox 2015-03-24
Ubuntu USN-2538-1 firefox 2015-03-22
openSUSE openSUSE-SU-2015:0567-1 firefox 2015-03-22
Debian DSA-3201-1 iceweasel 2015-03-22
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds