Aggregator

A vulnerability, which was classified as critical, was found in Mozilla Firefox 41. This affects the function AddWeightedPathSegLists/SVGPathSegListSMILType::Interpolate. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2015-7199. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox 41 and classified as critical. This vulnerability affects unknown code of the component CryptoKey. The manipulation leads to code. This vulnerability was named CVE-2015-7200. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 41 and classified as critical. This issue affects some unknown processing of the component Web Worker. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2015-7197. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Firefox 42. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2015-7201. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 42. It has been classified as critical. This affects the function mozilla::layers::BufferTextureClient::AllocateForSurface of the component Texture Handler. The manipulation leads to numeric error. This vulnerability is uniquely identified as CVE-2015-7212. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 42. It has been classified as critical. Affected is an unknown function. The manipulation leads to numeric error (Underflow). This vulnerability is traded as CVE-2015-7205. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 42 on 64-bit. It has been declared as critical. Affected by this vulnerability is the function MPEG4Extractor::readMetaData of the component MP4 Playback. The manipulation leads to numeric error. This vulnerability is known as CVE-2015-7213. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 42. It has been rated as critical. Affected by this issue is the function Metadata::setData of the component libstagefright. The manipulation as part of MP4 File leads to numeric error. This vulnerability is handled as CVE-2015-7222. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mozilla Firefox 42. This vulnerability affects unknown code of the component Data/View. The manipulation leads to information disclosure. This vulnerability was named CVE-2015-7214. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 42. Affected is an unknown function of the component WebRTC. The manipulation leads to use after free. This vulnerability is traded as CVE-2015-7210. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Network Security Services up to 3.20.1. This affects an unknown part of the component MD5 Handler. The manipulation leads to data processing error. This vulnerability is uniquely identified as CVE-2015-7575. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Oracle Java SE 6u105/7u91/8u66. Affected by this vulnerability is an unknown functionality of the component Security. The manipulation leads to data processing error. This vulnerability is known as CVE-2015-7575. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 43. It has been rated as very critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2016-1930. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in IBM AIX 5.3/6.1/7.1/7.2. This affects an unknown part of the component TLS. The manipulation leads to data processing error. This vulnerability is uniquely identified as CVE-2015-7575. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

Authors/Presenters:Yifan Qiao, Zhenyuan Ruan, Haoran Ma, Adam Belay, Miryung Kim, Harry Xu

Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.

Permalink

The post USENIX NSDI ’24 – Harvesting Idle Memory for Application-managed Soft State with Midas appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox 41. This issue affects some unknown processing of the component Whitespace Handler. The manipulation leads to 7pk security features. The identification of this vulnerability is CVE-2015-7188. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Firefox 41. Affected is the function JPEGEncoder. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2015-7189. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 41. It has been declared as critical. This vulnerability affects unknown code of the component CORS Handler. The manipulation leads to 7pk security features. This vulnerability was named CVE-2015-7193. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.