DELTA 370938 0 32095 SVN† † :¯™’®S …Þ6ÀN9 libxul 2014-10-16

MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer

MFSA 201ŒÀ† † }€|†Ÿ|cvename>CVE-2014-1487 CVE-2014-1488 CVE-2014-1489

RT Ÿ † †   ^Â@ž†Ÿ

A Bugzilla Security Advis¥À† † }€|†Ÿ|y. Specially crafted requests may trick Opera into thinking that the target site has given permission when it had«à† † }€|†Ÿ| name, it was possible to produce a XSS : 1) On the Database Structure page, creating a new table with a crafted n²€† † n€mƒ©t†{ me> CVE-2011-3097 CVE-2011-3099 CVE-2011-3100¸ † † }€|†Ÿ|ault error response for status code 400. This flaw could be used by an attacker to expose "httpOnly" cookies when¾À† † }€|†Ÿ|django 1.31.3.1 1.21.2.7 <Äà† † }€|†Ÿ| CVE-2011-0997 107886 2011-04-05<Ë€† † }€|†Ÿ|ion install via a browser dialog. Credit to Sergey Glazunov.
[83841] Low CVE-2011-2784: Local file path disÑ † † }€|†Ÿ|erified before being used to include files. This can be exploited to includes arbitrary files from local resources×À† † }€|†Ÿ|including 3.1.7.1 can be brought down and probably exploited.

cscope -- multiple buffer overflows 䀆 † }€|†Ÿ|ject and execute arbitrary shell commands.

Input passed via the name and content of files to the "Indexed Seaê † † }€|†Ÿ|">

Heap-based buffer overflow in the decodeMP4file function (frontend/main.c) in FAAD2 2.6.1 and earlier allows rðÀ† † }€|†Ÿ|a. Because spamdyke is controlling relaying, the RELAYCLIENT environment variable is set and qmail won't check foöà† † }€|†Ÿ| CVE-2007-6036 http://aluigi.altervista.org/adv/live555xý€† †  D €C_ƒ½†ž^&Crtain security restrictions or cause a DoS (Denial of Service)ƒ † † }€|†Ÿ|n attacker has to have the ability to post content on the site. He or she would then be able to poison the page ca‰À† † }€|†Ÿ|.html?artnum=304357 2006-09-08 2006-09-14

An attacker may be able to construc–€† † }€|†Ÿ|il.info/fetchmail-SA-2006-01.txt http://bugs.debian.org/348747 14620 CVE-2005-2491 http://www.pcre.org/changelog.txt ruby -- arbitrary c¨à† †  ` €_‡q†žu_> CVE-2005-0966 http://gaim.sourceforge.net/security/?id=14¯€† † }€|†Ÿ| opera -- multiple vulnerabilities in Java implemeµ † † }€|†Ÿ|s IMAP code adds new entries to this array this is done with the help of the postfix increment operator in combination »À† †  l €kJ†<†žK9kred statements API (libmysqlclient) when a statement containing thousands of placeholders is executedÁà† † }€|†Ÿ|541 http://www.osvdb.org/6791 http://secunia.com/advisories/11804 105È€ŸS O}€|ŸS| from IP spoofing.

CVE-2005-1519