
Debian DSA-2064-1 Critical: Xulrunner Remote Code Execution

June 27, 2010

Summary

Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2010-0183

"wushi" discovered that incorrect pointer handling in the frame
processing code could lead to the execution of arbitrary code.

CVE-2010-1196

"Nils" discovered that an integer overflow in DOM node parsing could
lead to the execution of arbitrary code.

CVE-2010-1197

Ilja van Sprundel discovered that incorrect parsing of
Content-Disposition headers could lead to cross-site scripting.

CVE-2010-1198

Microsoft engineers discovered that incorrect memory handling in the
interaction of browser plugins could lead to the execution of
arbitrary code.

CVE-2010-1199

Martin Barbella discovered that an integer overflow in XSLT node
parsing could lead to the execution of arbitrary code.

CVE-2010-1200

Olli Pettay, Martijn Wargers, Justin Lebar, Jesse Ruderman, Ben
...


Severity: critical

Package: xulrunner
