14 matches found
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: MozillaFirefox is updated to the 140ESR series. Firefox Extended Support Release 140.0esr ESR: General Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing,...
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: This is the Firefox Extended Support Release 140.0esr ESR Major changes: General: Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing, and text alignment...
SUSE-SU-2025:02339-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: This is the Firefox Extended Support Release 140.0esr ESR Major changes: General: - Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing, and text alignment...
Security Problem in Web Browser Permission Mechanism
Overview A research team of Waseda University and NTT Social Informatics Laboratories conducted a systematic analysis of the permission mechanisms of 5 different Operating Systems both mobile and desktop OS and 22 major browsers running on each OS. The results show that they have multiple problem...
CVE-2023-37455
The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS 115...
SUSE CVE-2008-1241
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab...
USN-3477-4 firefox regression
USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were...
CVE-2011-3866
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion data events, which makes it easier for remote attackers to read keystrokes by leveraging JavaScript code running in a background tab...
XUL popup spoofing
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab...
XUL popup spoofing
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab...
XUL popup spoofing
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab...
CVE-2004-1381
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive background tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks...
Input stealing from other tabs — Mozilla
Jakob Balle of Secunia reported two vulnerabilities in windows with multiple tabs. Malicious content in a background tab can attempt to steal information intended for the topmost tab by popping up prompt dialog that appears to come from the trusted site, or by silently redirecting input focus to ...
CVE-2004-1381
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive background tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks...