10 matches found
Astra Linux – Vulnerability in Firefox
In violation of the specification, cookie prefixes such as Secure were ignored if they were not capitalized correctly. According to the specification, these prefixes should be checked using a case-insensitive comparison. This could result in the browser not correctly implementing the behaviors...
Linux Distros Unpatched Vulnerability : CVE-2024-5689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In addition to detecting when a user was taking a screenshot XXX, a website was able to overlay the 'My Shots' button that appeared, and direct the user to a...
Linux Distros Unpatched Vulnerability : CVE-2024-5691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to...
Linux Distros Unpatched Vulnerability : CVE-2024-5696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox...
DEBIAN-CVE-2024-5696
By manipulating the text in an input tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...
CVE-2024-5687
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec- headers, meaning there is the potential for incorrect...
CVE-2024-5692
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. Note: This issue only affected Windows operating systems. Other operating systems are...
UBUNTU-CVE-2024-5689
In addition to detecting when a user was taking a screenshot XXX, a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox 127...
UBUNTU-CVE-2024-5698
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 127...
UBUNTU-CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...