797 matches found
Design/Logic Flaw
Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled."...
CVE-2015-2767
Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled."...
CVE-2015-2767
CVE-2015-2767 is an unspecified vulnerability affecting Websense TRITON AP-EMAIL, specifically in versions earlier than 8.0.0, linked to the Autocomplete feature. Public CNVD/NVD records describe an information exposure risk without explicit impact details; one CNVD entry notes that attackers cou...
thunderbird security update
CentOS Errata and Security Advisory CESA-2015:0642 An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...
SA-CONTRIB-2015-079 - Chaos tool suite (ctools) - Multiple vulnerabilities
This module provides a set of APIs and tools to improve the developer experience. Access bypass in autocomplete Drupal 7 only Among other many other things, CTools provides an autocomplete callback for finding entities by their titles or ID. In CTools version 1.5, additional checks were created t...
Security update for MozillaThunderbird (important)
MozillaThunderbird was updated to version 31.5.0 to fix four security issues. These security issues were fixed: - CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0831: Use-after-free in IndexedDB - CVE-2015-0827: Out-of-bounds read and write while rendering SVG content -...
Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24)
An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file...
Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24)
An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix multiple security issues are now available for the little-endian 64-bit PowerPC platform architecture ppc64le on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVS...
Ubuntu: Security Advisory (USN-2506-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Mar 2015) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)
The Mozilla Project reports : MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...
Updated firefox and thunderbird packages fix security vulnerabilities
Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...
CentOS Update for thunderbird CESA-2015:0266 centos5
Check the version of thunderbird SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882127";...
Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20150225)
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2015-0836, CVE-2015-0831, CVE-2015-0827 An information leak flaw w...
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20150225)
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. CVE-2015-0836, CVE-2015-0831, CVE-2015-0827 An information lea...
USN-2505-1 firefox vulnerabilities
Matthew Noorenberghe discovered that Mozilla domains in the allowlist could make UITour API calls from background tabs. If one of these domains were compromised and open in a background tab, an attacker could potentially exploit this to conduct clickjacking attacks. CVE-2015-0819 Jan de Mooij...
Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24)
An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file...
Firefox ESR 31.x < 31.5 Multiple Vulnerabilities (Mac OS X)
The version of Firefox ESR 31.x installed on the remote Mac OS X host is prior to 31.5. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists related to the autocomplete feature that allows an attacker to read arbitrary files. CVE-2015-0822...
thunderbird: multiple issues
CVE-2015-0822 information leak: Security researcher Armin Razmdjou reported that a user readable file in a known local path could be uploaded to a malicious site. This was done by manipulating the autocomplete feature in a form and user interaction with it. While the local file is not visibly...