12 matches found
SUSE CVE-2016-9061
A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects...
SUSE CVE-2016-9065
The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This...
CVE-2017-5384
Proxy Auto-Config PAC files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed t...
CVE-2016-5298
A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox 50...
CVE-2016-5289
Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 50...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2018-02234)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 58. A remote attacker could exploit the vulnerability to access frames across sources...
Mozilla Firefox memory misreference vulnerability (CNVD-2017-222751)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A memory misreference vulnerability exists in versions of Mozilla Firefox prior to 55. A remote attacker could exploit this vulnerability to cause a denial of service crash...
Mozilla Firefox has an unspecified vulnerability (CNVD-2017-222715)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 55. A remote attacker could exploit the vulnerability to perform unauthorized operations...
Mozilla Firefox Memory Misreference Vulnerability (CNVD-2016-11415)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A memory misreference vulnerability exists in the 'nsINode::ReplaceOrInsertBefore' function in versions of Mozilla Firefox prior to 50. An attacker could exploit this vulnerability to cause a...
Mozilla Firefox Timing Attack Vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A timing attack vulnerability exists in the Canvas filter in versions of Mozilla Firefox prior to 50. An attacker can exploit this vulnerability to conduct timing attacks...
Mozilla Firefox Memory Misreference Vulnerability (CNVD-2016-11417)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A memory misreference vulnerability exists in the 'nsINode::ReplaceOrInsertBefore' function in versions of Mozilla Firefox prior to 50. An attacker could exploit this vulnerability to cause a...
Mozilla Firefox Denial of Service Vulnerability (CNVD-2016-11416)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A denial of service vulnerability exists in the 'nsRefreshDriver' function in versions of Mozilla Firefox prior to 50. An attacker can exploit this vulnerability to cause a denial of service...