12 matches found
Mozilla: Screen hijack via browser fullscreen mode
The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass
The Mozilla Foundation Security Advisory describes this flaw as: By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass
The Mozilla Foundation Security Advisory describes this flaw as: By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks...
Updated firefox packages fix security vulnerability
A vulnerability was found in NSS. The NSS client auth crashes without a user certificate in the database, leading to a segmentation fault or crash CVE-2022-3479. An out of date library libusrsctp contained vulnerabilities that could potentially be exploited CVE-2022-46871. By confusing the browse...
Mozilla: Fullscreen notification bypass
The Mozilla Foundation Security Advisory describes this flaw as: By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks...
CVE-2022-46877
The Mozilla Foundation Security Advisory describes this flaw as: By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks...
Debian DSA-5322-1 : firefox-esr - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5322 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox DataTransfer.setData...
CVE-2022-46877
By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 108...
Design/Logic Flaw
The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...
CVE-2021-23958
The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...
CVE-2021-23958
The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...
MS12-004 midiOutPlayNextPolyEvent Heap Overflow
This module exploits a heap overflow vulnerability in the Windows Multimedia Library winmm.dll. The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control. Exploitation is done by supplying a speciall...