CVE-2010-3767
Published 2010-12-10
Critical · 9.3 · CVSS 3.1
AV:N/AC:M/Au:N/C:C/I:C/A:C
Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.
Affected
140 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | <= 3.5.15 | — |
Ubuntu
Firefox and Xulrunner vulnerabilities
vendor_ubuntu·2010-12-09·CVSS 9.3
CVE-2010-3776 [CRITICAL] Firefox and Xulrunner vulnerabilities
Title: Firefox and Xulrunner vulnerabilities
Summary: Firefox could be made to crash or run programs as your login if it opened a specially crafted website.
Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3776, CVE-2010-3777, CVE-2010-3778)
It was discovered that Firefox did not properly verify the about:blank location elements when it was opened via window.open(). An attacker could exploit this to run arbitrary code with chrome privileges. (CVE-2010-3771)
It was discovered that Firefox did not properly handle elements when processing a XUL tree. If a user were tricked into opening a ma
Red Hat
Mozilla integer overflow vulnerability in NewIdArray (MFSA 2010-81)
vendor_redhat·2010-12-09·CVSS 9.3
CVE-2010-3767 [CRITICAL] CWE-190 Mozilla integer overflow vulnerability in NewIdArray (MFSA 2010-81)
Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.
Package: firefox (Red Hat Enterprise Linux Extended Update Support 4.8) - Affected
Package: firefox (Red Hat Enterprise Linux Extended Update Support 5.5) - Affected
Package: firefox (Red Hat Enterprise Linux Extended Update Support 6.0) - Affected
Red Hat
OpenLDAP: Doesn't properly handle NULL character in subject Common Name
vendor_redhat·2009-08-10·CVSS 5.9
CVE-2009-3767 [MEDIUM] OpenLDAP: Doesn't properly handle NULL character in subject Common Name
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Statement: This issue was addressed in the openldap packages as shipped with Red Hat Enterprise Linux 5 and 4 via: https://rhn.redhat.com/errata/RHSA-2010-0198.html and https://rhn.redhat.com/errata/RHSA-2010-0543.html respectively.
The Red Hat Security Response Team has rated this issue as having moderate security imp
GHSA
GHSA-g65j-65qf-2mcj: Integer overflow in the NewIdArray function in Mozilla Firefox before 3
ghsa_unreviewed·2022-05-17
CVE-2010-3767 [HIGH] GHSA-g65j-65qf-2mcj: Integer overflow in the NewIdArray function in Mozilla Firefox before 3
Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.
No detection rules found.
No public exploits indexed.
References
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html
http://secunia.com/advisories/42716
http://secunia.com/advisories/42818
http://support.avaya.com/css/P8/documents/100124650
http://www.debian.org/security/2010/dsa-2132
http://www.mandriva.com/security/advisories?name=MDVSA-2010:251
http://www.mozilla.org/security/announce/2010/mfsa2010-81.html
http://www.redhat.com/support/errata/RHSA-2010-0966.html
http://www.redhat.com/support/errata/RHSA-2010-0967.html
http://www.redhat.com/support/errata/RHSA-2010-0968.html
http://www.securitytracker.com/id?1024848
http://www.ubuntu.com/usn/USN-1019-1
http://www.vupen.com/english/advisories/2011/0030
https://bugzilla.mozilla.org/show_bug.cgi?id=599468
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12610