10 matches found
EUVD-2015-7119
Malware in sbrugna...
Mozilla Firefox Security Advisory (MFSA2015-121) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Updated iceape packages fix security vulnerabilities
Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...
CVE-2015-7187
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...
Cross site scripting
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...
CVE-2015-7187
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...
CVE-2015-7187
CVE-2015-7187 arises from the Add-on SDK in Mozilla Firefox before 42.0 misinterpreting a panel setting script: false, enabling inline script execution in third‑party extensions and potentially allowing remote XSS. The vulnerability affects Firefox’s extension panel rendering and can lead to cros...
CVE-2015-7187
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...
Disabling scripts in Add-on SDK panels has no effect — Mozilla
Add-on authors Jason Hamilton and Peter Arremann with AMO editor Sylvain Giroux reported a vulnerability when a panel is created using the Add-on SDK in a browser extension. Defining a panel with script: false is supposed to disable script execution but it was found that inline script would still...
KLA10689 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilitie...