7 matches found
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2018-02266)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Developer Tools is one of the development tools. A security vulnerability exists in the Developer Tools component of Mozilla Firefox prior to version 58. The vulnerability can be exploited by an attacker...
Mozilla Firefox and Firefox ESR Memory Misreference Vulnerability (CNVD-2017-22580)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A memory misreference vulnerability exists in Mozilla Firefox versions prior to 55 and Firefox ES...
Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla Firefox add-ons SDK cross-site scripting vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in versions of Mozilla Firefox prior to 50.1. An attacker can exploit the vulnerability to steal cookie-based authentication...
Mozilla Firefox elevation of privilege vulnerability (CNVD-2016-11412)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A privilege extraction vulnerability exists in the Mozilla Maintenance Service in versions of Mozilla Firefox prior to 50 on Windows-based platforms. An attacker can exploit this vulnerability ...
Mozilla Firefox Denial of Service Vulnerability (CNVD-2016-11418)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A denial of service vulnerability exists in versions of Mozilla Firefox prior to 50. An attacker can exploit this vulnerability to cause a denial of service crash with a malicious URL...
CVE-2016-1692
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via...