48 matches found
Mozilla Firefox ESR Security Advisories (MFSA2021-07, MFSA2021-09) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
KLA12091 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory safety vulnerability can be exploited to execute arbitrary code. 2. A...
Code injection
When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...
CVE-2020-15666
CVE-2020-15666 affects Firefox before 80 (desktop and Android); the issue is an information-disclosure vulnerability where loading a non-video in an audio/video context leaks the exact HTTP status code via the MediaError Message. This could enable login-status inference to services or local-netwo...
CVE-2020-15666
When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...
Security Vulnerabilities fixed in Firefox for Android 80 — Mozilla
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
Information Disclosure
firefox is vulnerable to information disclosure. The vulnerability exists as the MediaError message property leaks cross-origin response status when trying to load a non-video in an audio/video context...
KLA11942 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...