CVE-2016-0314
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors...
CVE-2016-0314
The CVE-2016-0314 issue affects IBM Jazz Reporting Service (JRS) through the Report Builder/DCC component. Affects JRS 5.x before 5.0.2 IFIX016 and 6.x before 6.0.1 IFIX005; an authenticated remote attacker can perform clickjacking via unspecified vectors. IBM lists fixes: 5.0.x users should appl...
A vulnerability in the Juniper SRX 240 router firmware allows an attacker to execute arbitrary code.
The Juniper SRX 240 router software contains a vulnerability that allows an attacker to execute arbitrary code as a result of a “clickjacking” attack...
Legal Robot: AWS S3 website can't serve security headers, may allow clickjacking
Security researcher discovered that our AWS S3 website was not serving some basic security headers like X-Frame-Options. We resolved the issue by putting nginx in front of our AWS S3 website and adding header directives. Fixed security headers can be verified here: https://schd.io/zt...
Vulnerabilities in the Firefox ESR and Firefox browsers allow attackers to trigger service failures, perform clickjacking, or carry out spoofing attacks.
The vulnerability in Firefox ESR and Firefox is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service failures (user interface malfunctions), perform clickjacking, or carry out spoofing attacks using a specially crafted website...
Zomato: Clickjacking login page of http://book.zomato.com/
The login page on book.zomato.com http://book.zomato.com/account/login.aspx is vulnerable to a clickjacking attack. Reproduction steps: 1. Paste the following HTML into a text editor and save the file as .html 2. Open the file in a web browser 3. Note that the iframe appears with the login page...
Mozilla Firefox < 47.0 Multiple Vulnerabilities
CVE-2016-2831
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site...
DEBIAN-CVE-2016-2831
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site...
Design/Logic Flaw
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site...
CVE-2016-2831
Mozilla Firefox and Firefox ESR are affected by CVE-2016-2831 where an error during fullscreen and pointerlock handling (and window closing) could allow a pointerlock in a fullscreen window without user permission, enabling UI outage, spoofing, and clickjacking. A fix is available in later Firefo...
Mozilla Firefox and Firefox ESR Denial of Service Vulnerability (CNVD-2016-04024)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A denial of service vulnerability exists in Mozilla Firefox versions prior to 47.0 and Firefox ES...
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-2993-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2993-1 advisory. Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson,...
Firefox < 47 Multiple Vulnerabilities (Mac OS X)
The version of Firefox installed on the remote Mac OS X host is prior to 47. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to execute arbitrary code. CVE-2016-2815, CVE-2016-2818 - An overflow...
Mozilla: Entering fullscreen and persistent pointerlock without user permission (MFSA 2016-58)
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site...
firefox: multiple issues
CVE-2016-2815 arbitrary code execution Mozilla developers and community members reported several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with...