10 matches found
Astra Linux - уязвимость в firefox
In violation of the specification, cookie prefixes such as Secure were ignored if they were not capitalized correctly. According to the specification, these prefixes should be checked using a case-insensitive comparison. This could result in the browser not correctly implementing the behaviors...
Linux Distros Unpatched Vulnerability : CVE-2024-5689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In addition to detecting when a user was taking a screenshot XXX, a website was able to overlay the 'My Shots' button that appeared, and direct the user to a...
Linux Distros Unpatched Vulnerability : CVE-2024-5691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to...
Linux Distros Unpatched Vulnerability : CVE-2024-5696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox...
DEBIAN-CVE-2024-5696
By manipulating the text in an input tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...
CVE-2024-5692
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. Note: This issue only affected Windows operating systems. Other operating systems are...
CVE-2024-5687
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec- headers, meaning there is the potential for incorrect...
UBUNTU-CVE-2024-5689
In addition to detecting when a user was taking a screenshot XXX, a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox 127...
UBUNTU-CVE-2024-5698
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 127...
UBUNTU-CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...