The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 mishandles XPCNativeWrappers during calls to the loadSubScript method, allowing remote attackers to gain privileges via a crafted web site
Reporter | Title | Published | Views | Family All 125 |
---|---|---|---|---|
![]() | Design/Logic Flaw | 9 Nov 201111:55 | – | prion |
![]() | Design/Logic Flaw | 29 Sep 201100:55 | – | prion |
![]() | CVE-2011-3647 | 9 Nov 201111:00 | – | cvelist |
![]() | CVE-2011-3004 | 29 Sep 201100:00 | – | cvelist |
![]() | CVE-2011-3647 | 9 Nov 201111:55 | – | nvd |
![]() | CVE-2011-3004 | 29 Sep 201100:55 | – | nvd |
![]() | loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch) — Mozilla | 8 Nov 201100:00 | – | mozilla |
![]() | loadSubScript unwraps XPCNativeWrapper scope parameter — Mozilla | 27 Sep 201100:00 | – | mozilla |
![]() | Privilege Escalation | 10 Apr 202001:06 | – | veracode |
![]() | Mozilla Products Privilege Escalation Vulnerability (MFSA2011-46) - Mac OS X | 14 Nov 201100:00 | – | openvas |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo