EUVD-2006-6411

Malware in sbrugna...

EUVD-2018-4343

Malware in sbrugna...

CVE-2018-12369

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR 60.1 and Firefox 61...

CVE-2018-12369

Summary (CVE-2018-12369) WebExtensions bundled with embedded experiments could bypass authorization checks, allowing a malicious WebExtension to gain full browser permissions. Affected products: Mozilla Firefox (non-ESR) versions before 61 and Firefox ESR before 60.1. Root cause: improper authori...

Ubuntu: Security Advisory (USN-3705-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3705-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3705-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacke...

Ubuntu: Security Advisory (USN-3705-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2018-12369

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR 60.1 and Firefox 61...

CVE-2006-6428

Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allow remote attackers to gain access via unspecified vectors related to "browser permissions."...

CVE-2006-6428

CVE-2006-6428 affects Xerox WorkCentre/WorkCentre Pro (pre-12.060.17.000, 13.x before 13.060.17.000, 14.x before 14.060.17.000). The issue allows remote attackers to gain access via unspecified vectors related to browser permissions. Exploitation details are not provided in the connected document...

Localstore.rdf XML injection through XULDocument.persist() — Mozilla

XULDocument.persist did not validate the attribute name, allowing an attacker to inject XML into localstore.rdf that would be read and acted upon at startup. This could include JavaScript commands that would be run with the permissions of the browser...