Aggregator

Plus a few interesting changes in the CVEs we track, and some notes on just what kinds of malware stagers we see.

Plus a few interesting changes in the CVEs we track, and some notes on just what kinds of malware stagers we see.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2012-1966. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and classified as critical. Affected by this issue is some unknown functionality of the component about:certerror. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2012-1964. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2012-1965. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox. It has been declared as critical. This vulnerability affects unknown code of the component JavaScript SandBox Utility. The manipulation as part of javascript: URL leads to memory corruption. This vulnerability was named CVE-2012-1967. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical was found in Mozilla Firefox and Thunderbird 14. This vulnerability affects the function nsHTMLEditor::CollapseAdjacentTextNodes. The manipulation leads to improper resource management. This vulnerability was named CVE-2012-1972. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in Mozilla Firefox and Thunderbird 14. This issue affects the function nsObjectLoadingContent::LoadObject. The manipulation leads to improper resource management. The identification of this vulnerability is CVE-2012-1973. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox and Thunderbird 14 and classified as very critical. Affected by this vulnerability is an unknown functionality of the component Browser Engine. The manipulation leads to memory corruption. This vulnerability is known as CVE-2012-1970. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 14 and classified as very critical. Affected by this issue is the function gfxTextRun::CanBreakLineBefore. The manipulation leads to improper resource management. This vulnerability is handled as CVE-2012-1974. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 14. It has been classified as very critical. This affects the function PressShell::CompleteMove. The manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2012-1975. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 14. It has been declared as very critical. This vulnerability affects the function nsHTMLSelectElement::SubmitNamesValues. The manipulation leads to improper resource management. This vulnerability was named CVE-2012-1976. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 14. It has been rated as very critical. This issue affects the function MediaSteamGraphThreadRunnable::Run. The manipulation leads to improper resource management. The identification of this vulnerability is CVE-2012-3956. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.