21 matches found
EUVD-2021-10904
Malware in sbrugna...
DEBIAN-CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...
Mozilla Firefox < 130.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 130.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-39 advisory. - Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we...
Important: firefox
Issue Overview: Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough...
SUSE CVE-2018-17477
Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page...
CVE-2022-34479
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects...
CVE-2022-45408
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
SUSE-SU-2021:14684-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.9.0 ESR MFSA 2021-11, bsc1183942 CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23982: Internal network hosts could have been probed by a malicious webpa...
SUSE-SU-2021:0966-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.9.0 ESR MFSA 2021-11, bsc1183942 CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23982: Internal network hosts could have been probed by a malicious webpa...
Mozilla: Malicious extensions could have spoofed popup information
The Mozilla Foundation Security Advisory describes this issue as: A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website...
CVE-2018-17477
Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page...
openSUSE 10 Security Update : mozilla-xulrunner (mozilla-xulrunner-5163)
This update brings the Mozilla XULRunner engine to security update version level 1.1.9 Following security problems were fixed : - MFSA 2008-19/CVE-2008-1241: XUL popup spoofing variant cross-tab popups - MFSA 2008-18/CVE-2008-1195 and CVE-2008-1240: Java socket connection to any local port via...
SuSE 10 Security Update : epiphany (ZYPP Patch Number 5164)
This update fixes security issues also fixes in the Mozilla Firefox 2.0.0.13 update round. Following security problems were fixed : - XUL popup spoofing variant cross-tab popups. MFSA 2008-19 / CVE-2008-1241 - Java socket connection to any local port via LiveConnect. MFSA 2008-18 / CVE-2008-1195 ...
SuSE 10 Security Update : Security update for (ZYPP Patch Number 5134)
This update brings Mozilla Firefox to security update version 2.0.0.13 Following security problems were fixed : - XUL popup spoofing variant cross-tab popups. MFSA 2008-19 / CVE-2008-1241 - Java socket connection to any local port via LiveConnect. MFSA 2008-18 / CVE-2008-1195 / CVE-2008-1240 -...
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5135)
This update brings Mozilla Firefox to security update version 2.0.0.13 Following security problems were fixed : - MFSA 2008-19/CVE-2008-1241: XUL popup spoofing variant cross-tab popups - MFSA 2008-18/CVE-2008-1195 and CVE-2008-1240: Java socket connection to any local port via LiveConnect - MFSA...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-592-1)
Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. CVE-2008-0416 Various flaws were discovered in the JavaScript engine...
XUL popup spoofing
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab...
XUL popup spoofing
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab...
USN-592-1: Firefox vulnerabilities
Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. CVE-2008-0416 Various flaws were discovered in the JavaScript engine...
CVE-2007-2871
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other...