Debian Lenny: DSA-2106-1 Moderate: Xulrunner Remote Threats
debian
September 8, 2010
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications
Topics Covered
Summary
Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems:
- - Implementation errors in XUL processing allow the execution of
arbitrary code (CVE-2010-2760, CVE-2010-3167, CVE-2010-3168)
- - An implementation error in the XPCSafeJSObjectWrapper wrapper allows
the bypass of the same origin policy (CVE-2010-2763)
- - An integer overflow in frame handling allows the execution of
arbitrary code (CVE-2010-2765)
- - An implementation error in DOM handling allows the execution of
arbitrary code (CVE-2010-2766)
- - Incorrect pointer handling in the plugin code allow the execution of
arbitrary code (CVE-2010-2767)
- - Incorrect handling of an object tag may lead to the bypass of cross
site scripting filters (CVE-2010-2768)
- - Incorrect copy and paste handling could lead to cross site scripting
(CVE-2010-2769)
- - Crashes in the layout engine may lead to the exe...
PREVIOUS
NEXT
Package: xulrunner
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!