BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 31 min 16 sec ago

two browser mem disclosure bugs (CVE-2014-1580 and CVE-something-or-other)

October 15, 2014 - 8:00am

Posted by Michal Zalewski on Oct 15

First of all, CVE-2014-1580 (MSFA 2014-78) is a bug that caused
Firefox prior to version 33 (released today) to leak bits of
uninitialized memory when rendering certain types of truncated images
onto <canvas>.

Mozilla's advisory is here:
https://www.mozilla.org/security/announce/2014/mfsa2014-78.html

Bug is here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1063733

PoC is here:
http://lcamtuf.coredump.cx/ffgif2/

Secondly, MSRC case...
Categories:

LiveZilla 5.3.0.7 Security Issue

October 15, 2014 - 7:52am

Posted by sourav . infosec on Oct 15

I had reported few xss issues on LiveZilla 5.3.0.7 . They fixed it properly and informed me. Now latest build is
5.3.0.8 / 2014-09-25.

http://changelog.livezilla.net/

Can you help me regarding CVE. I can send you the vulnerability details.
Categories: