Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

Mozilla developers and community members reported memory safety bugs p ...

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

Уязвимость веб-браузеров Firefox, Firefox ESR и программы для работы с электронной почтой Thunderbird, связанная с переполнением буфера в памяти, позволяющая нарушителю выполнить произвольный код

Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, вызванная выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.

libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.

libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.

libical 1.0 allows remote attackers to cause a denial of service (use- ...

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

An earlier fix for an Inter-process Communication (IPC) vulnerability, ...

libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file.

Уязвимость почтового клиента Thunderbird, связаная с использованием памяти после освобождения, позволяющая нарушителю вызвать отказ в обслуживании

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

Уязвимость веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная с ошибками реализации механизма аутентификации межпроцессного взаимодействия (IPC), позволяющая нарушителю повысить свои привилегии и выйти из изолированной программной среды

Security update for libical