Opera JPEG Processing Heap Corruption Vulnerabilities

Opera is vulnerable in parsing the JPEG file format. Discovered were four vulnerabilities, each in different segments of the file format. posidron will describe in this advisory the two important ones. 1 – ntdll.RtlAllocateHeap() DHT vulnerability2 – ntdll.RtlAllocateHeap() SOS vulnerability Opera Mini for mobile phones could be vulnerable also. The second bug looks very interesting to this topic. Vulnerable Systems: * Opera version 9.01 Build 8552 DetailsThe following code produces the sample image on which all further operations are made. It’s a valid image which was generated with Adobe Photoshop. Credit:The information has been provided by posidron.The original article can be … Continue reading Opera JPEG Processing Heap Corruption Vulnerabilities

Opera Browser patched in secret

Opera patched two remote code execution holes secretly as per Heise Security. Changelog for v9.10 did not mention the said security patch. Details at http://www.heise-security.co.uk/news/83279

Internet Explorer MSXML3 Race Condition Memory Corruption Vulnerability

Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability because of a race condition that may cause a NULL-pointer dereference, read or write operations to invalid addresses, or other memory-corruption issues. Attackers may likely exploit this issue to execute arbitrary machine code in the context of the vulnerable application, but this has not been confirmed. Failed exploit attempts will likely crash the application. Affected version is the v6 SP2 and earlier of Internet Explorer.  More at http://www.securityfocus.com/bid/21872/discuss

Mozilla Foundation Security Advisories (Dec. 19, 2006)

MFSA 2006-76 XSS using outer window’s Function objectMFSA 2006-75 RSS Feed-preview referrer leakMFSA 2006-74 Mail header processing heap overflowsMFSA 2006-73 Mozilla SVG Processing Remote Code ExecutionMFSA 2006-72 XSS by setting img.src to javascript: URIMFSA 2006-71 LiveConnect crash finalizing JS objectsMFSA 2006-70 Privilege escallation using watch pointMFSA 2006-69 CSS cursor image buffer overflow (Windows only)MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)Details on the above advisories at:http://www.mozilla.org/security/announce/ Security Alerts & Announcements:http://www.mozilla.org/security/ Security Update (December 19, 2006): Security updates have been issued for Firefox and Thunderbird that fix critical security vulnerabilities. All users should install these udpates as soon as possible. … Continue reading Mozilla Foundation Security Advisories (Dec. 19, 2006)

Opera released v9.10 of Opera Browser by adding Phishing filter (fraud protection) and other fixes/improvements

If you are using Opera browser, get the latest version 9.10 which is available now.  One of the new security enhancement is by adding a Fraud Protection (aka Phishing filter).  See Opera’s Fraud Protection in action by viewing the demo at http://portal.opera.com/startup/?tip=fraud You can download it from http://www.opera.com/download/ or check for updates from the browser which will direct you to the same download link http://www.opera.com/download/. The complete change log is in http://www.opera.com/docs/changelogs/  Changelog for Opera 9.10 for Windows User interfaceFixed handling of access keys on Web pages with frames. Mail, messaging, and newsfeedsFixed an instability connected with delayed entry of the … Continue reading Opera released v9.10 of Opera Browser by adding Phishing filter (fraud protection) and other fixes/improvements

Firefox 2.0 delayed by bug outbreak

The new version of open-source browser Firefox has been delayed for a month. Version 2.0, codenamed Bon Echo, had been due on 26 September but will now make its debut on 24 October. The test schedule has also been adjusted, with the second beta now appearing a week late on 23 August. The delay has been put down to a small hill of bugs that still have to be ironed out, totalling 87, according to the project’s latest bug list. The new version will have a raft of new features to keep up with those coming in rivals Opera and … Continue reading Firefox 2.0 delayed by bug outbreak

Mozilla Firefox XML Handler Race Condition Memory Corruption Vulnerability

Mozilla Firefox is prone to a remote memory-corruption vulnerability because of a race condition that may result in double-free or other memory-corruption issues. Attackers may likely exploit this issue to execute arbitrary machine code in the context of the vulnerable application, but this has not been confirmed. Failed exploit attempts will likely crash the application. Mozilla Firefox is vulnerable to this issue. Due to code-reuse, other Mozilla products are also likely affected. It has been reported that the Flock web browser version 0.7.4.1 and the K-Meleon web browser version 1.0.1 are also vulnerable. Vulnerable:  Mozilla Firefox 1.5 beta 2Mozilla Firefox … Continue reading Mozilla Firefox XML Handler Race Condition Memory Corruption Vulnerability

OneStat.com reported "Most Popular browsers by Country"

Global usage share Mozilla Firefox has increased according to OneStat.com OneStat.com reported that Mozilla Firefox’s browsers have a total global usage share of 12.93 percent.  The total usage share of Mozilla Firefox increased 1.14 percent since May 2006. The total global usage share of Internet Explorer is 83.05 percent which is 2.12 percent less than at the of May. View the stats by country at http://www.onestat.com/html/aboutus_pressbox44-mozilla-firefox-has-slightly-increased.html via Calendar of Updates

IE 7 can be reset finally

The IE team blogged today that Internet Explorer 7 in Windows XP and Vista can be reset if the browser become unstable due to badly written add-ons or side-effect of malware infection.  They wrote… “We have heard from users on their need to recover Internet Explorer to a workable state if it reaches an unusable state due to spurious add-ons, incompatible browser extensions, spyware or malware. Reset Internet Explorer Settings (RIES) provides a one-button solution to get Internet Explorer settings to its workable state. Internet Explorer 7 for Windows XP and 7+ in Windows Vista have many security enhancements which make … Continue reading IE 7 can be reset finally