https://bugzilla.novell.com/show_bug.cgi?id=363574 User lmichnovic@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=363574#c1 Ladislav Michnovič changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #1 from Ladislav Michnovič 2008-02-21 04:23:25 MST --- Working on updates. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=363574 User thomas@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=363574#c4 --- Comment #4 from Thomas Biege 2008-02-26 05:07:22 MST --- CVE-2008-0420 modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bounds read within the heap, as demonstrated using a CANVAS element; or cause a denial of service (application crash) via a crafted 8-bit bitmap file that triggers an out-of-bounds read. NOTE: the initial public reports stated that this affected Firefox in Ubuntu 6.06 through 7.10. CVE-2007-6524 Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=363574 User thomas@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=363574#c6 --- Comment #6 from Thomas Biege 2008-02-28 23:27:04 MST --- Name: CVE-2008-1080 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1080 Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/926/ Reference: CONFIRM:http://www.opera.com/support/search/view/877/ Reference: FRSIRT:ADV-2008-0622 Reference: URL:http://www.frsirt.com/english/advisories/2008/0622 Reference: SECUNIA:29029 Reference: URL:http://secunia.com/advisories/29029 Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename into a file input. ====================================================== Name: CVE-2008-1081 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1081 Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/926/ Reference: CONFIRM:http://www.opera.com/support/search/view/879/ Reference: FRSIRT:ADV-2008-0622 Reference: URL:http://www.frsirt.com/english/advisories/2008/0622 Reference: SECUNIA:29029 Reference: URL:http://secunia.com/advisories/29029 Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties. ====================================================== Name: CVE-2008-1082 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1082 Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/926/ Reference: CONFIRM:http://www.opera.com/support/search/view/880/ Reference: FRSIRT:ADV-2008-0622 Reference: URL:http://www.frsirt.com/english/advisories/2008/0622 Reference: SECUNIA:29029 Reference: URL:http://secunia.com/advisories/29029 Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.