SUSE CVE-2016-5256

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

Chrome Universal XSS using widget updates in ContainerNode::parserRemoveChild (CVE-2016-1630)

VULNERABILITY DETAILS There are 3 methods where ContainerNode::removeBetween is invoked: 1. ContainerNode::removeChild 2. ContainerNode::parserRemoveChild 3. ContainerNode::removeChildren The calls in 1 and 3 are within the scope of HTMLFrameOwnerElement::UpdateSuspendScope, but 2 is unprotected...

Mozilla Firefox Security Advisories (MFSA2016-91, MFSA2016-91) - Mac OS X

Mozilla Firefox is prone to an URL redirection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Firefox Security Advisories (MFSA2016-91, MFSA2016-91) - Windows

Mozilla Firefox is prone to an URL redirection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Nextcloud: xss on demo.nextcloud.com due to outdated version

Hello. I found the possibility of introducing "html-tag" and of xss attack in the form of adding comments. Details video. Payload: Browser: Firefox 49.0 OS: Ubuntu 16.04...

Mozilla: Memory safety bugs fixed in Firefox ESR 45.4 (MFSA 2016-85, MFSA 2016-86)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird 45.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-1128)

MozillaFirefox was updated to version 49.0 boo999701 - New features - Updated Firefox Login Manager to allow HTTPS pages to use saved HTTP logins. - Added features to Reader Mode that make it easier on the eyes and the ears - Improved video performance for users on systems that support SSE3 witho...

Security update for MozillaFirefox, mozilla-nss (important)

MozillaFirefox was updated to version 49.0 boo999701 - New features Updated Firefox Login Manager to allow HTTPS pages to use saved HTTP logins. Added features to Reader Mode that make it easier on the eyes and the ears Improved video performance for users on systems that support SSE3 without...

Security update for MozillaFirefox, mozilla-nss (important)

This update for MozillaFirefox and mozilla-nss fixes the following issues: MozillaFirefox was updated to version 49.0 boo999701 - New features Updated Firefox Login Manager to allow HTTPS pages to use saved HTTP logins. Added features to Reader Mode that make it easier on the eyes and the ears...

CVE-2016-5271

The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash via text runs in conjunction with a "display: contents" Cascading Style Sheets CSS property...

[ASA-201609-22] firefox: multiple issues

Arch Linux Security Advisory ASA-201609-22 ========================================== Severity: Critical Date : 2016-09-22 CVE-ID : CVE-2016-5256 CVE-2016-5257 CVE-2016-5270 CVE-2016-5271 CVE-2016-5272 CVE-2016-5273 CVE-2016-5274 CVE-2016-5275 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-52...

Mozilla: use-after-free in nsFrameManager::CaptureFrameState (MFSA 2016-85, MFSA 2016-86)

Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model...

Mozilla: Memory safety bugs fixed in Firefox ESR 45.4 (MFSA 2016-85, MFSA 2016-86)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird 45.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...