firefox: thunderbird: Use-after-free in XSLT

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash...

Mozilla: Use-after-free in XSLT parameter processing

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Removing an XSLT parameter during processing could have led to an exploitable use-after-free issue. There were reports of attacks in the wild abusing this flaw...

Mozilla: Iframe sandbox bypass with XSLT

The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...

The vulnerability of the XSLTResult class implementation in the Apache Struts software platform allows attackers to execute arbitrary code.

The vulnerability of the XSLTResult class implementation in the Apache Struts software framework is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the stylesheetLocation parameter...