SUSE CVE-2014-8636

The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors...

Mageia: Security Advisory (MGASA-2015-0028)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0180-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0173-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0171-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0173-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0180-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0077-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Proxy Prototype Remote Code Execution (CVE-2014-8636)

A remote code execution vulnerability has been detected in Mozilla Firefox. A remote attacker may exploit this vulnerability by enticing users to open a specially crafted web-page. Successful exploitation would allow an attacker to execute arbitrary code in the user's security context...

CVE-2014-8636

creationtimestamp| type| source ---|---|--- 2015-03-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36480 2015-10-15 22:07:39+00:00| seen| MISP/56201e1d-f4dc-4ddd-8049-4f2e950d210b 2018-05-29 15:50:33+00:00| seen|...

Firefox Proxy Prototype Privileged Javascript Injection

This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect component and gaining a reference to the privileged chrome:// window. This exploit requires the user to click anywhere on the page to trigger the vulnerability. This module requires Metasploit:...

openSUSE Security Update : seamonkey (openSUSE-SU-2015:0192-1)

Mozilla seamonkey was updated to SeaMonkey 2.32 bnc910669 - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety hazards - MFSA 2015-02/CVE-2014-8637 bmo1094536 Uninitialized memory use during bitmap rendering - MFSA 2015-03/CVE-2014-8638 bmo1080987 sendBeacon requests lack an...

SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10225)

Mozilla Firefox has been updated to the 31.4.0ESR release, fixing bugs and security issues. Mozilla NSS has been updated to 3.17.3, fixing a security issue and updating the root certificate list. For more information, please see https://www.mozilla.org/en-US/security/advisories/ %NASLMINLEVEL 703...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0077-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SeaMonkey Multiple Vulnerabilities-01 (Jan 2015) - Windows

SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey"; ifdescription...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2015:0077-2)

MozillaFirefox was updated to version 35.0 bnc910669 Notable features : - Firefox Hello with new rooms-based conversations model - Implemented HTTP Public Key Pinning Extension for enhanced authentication of encrypted connections Security fixes : - MFSA 2015-01/CVE-2014-8634/CVE-2014-8635...

Security update for MozillaFirefox (important)

MozillaFirefox was updated to version 35.0 bnc910669 Notable features: Firefox Hello with new rooms-based conversations model Implemented HTTP Public Key Pinning Extension for enhanced authentication of encrypted connections Security fixes: MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous...

Security update for MozillaFirefox (important)

MozillaFirefox was updated to version 35.0 bnc910669 Notable features: Firefox Hello with new rooms-based conversations model Implemented HTTP Public Key Pinning Extension for enhanced authentication of encrypted connections Security fixes: MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous...

CVE-2014-8636

CVE-2014-8636 affects Mozilla Firefox and SeaMonkey through an information flow bug in the XrayWrapper. The issue arises when interacting with a DOM object that has a named getter, allowing a remote attacker to cause arbitrary JavaScript execution with chrome privileges via unspecified vectors. A...

KLA10445 ACE vulnerability in Mozilla

Improper DOM objects interaction was found in Mozilla products. By exploiting this vulnerability malicious users can execute arbitrary code. This culnerability can be exploited remotely via unspecified vectors. Original advisories MFSA Related products Mozilla-Firefox Mozilla-SeaMonkey CVE list...