289 matches found
CVE-2023-37202
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...
CVE-2023-37202
The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free...
CVE-2023-37202
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...
Mozilla Firefox ESR < 102.13
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-23 advisory. - Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bu...
Security Vulnerabilities fixed in Firefox ESR 102.13 — Mozilla
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. A website could have...
Security Vulnerabilities fixed in Thunderbird 102.13 — Mozilla
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. A website could have...
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-185-01)
The version of mozilla-firefox installed on the remote host is prior to 102.13.0esr / 115.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-185-01 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over...
Mozilla Firefox ESR < 102.13
The version of Firefox ESR installed on the remote Windows host is prior to 102.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-23 advisory. - Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed...
Mozilla Firefox < 115.0
The version of Firefox installed on the remote Windows host is prior to 115.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-22 advisory. - Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that...
Mozilla Thunderbird < 102.13
The version of Thunderbird installed on the remote Windows host is prior to 102.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-24 advisory. - Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed...
CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
DEBIAN-CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Design/Logic Flaw
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25735
CVE-2023-25735 describes a use-after-free caused by cross-compartment wrappers wrapping a scripted proxy, which could cause objects from other compartments to be stored in the main compartment during unwrapping. Affected products include Firefox <110, Thunderbird <102.8, and Firefox ESR
CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Important: thunderbird
Issue Overview: If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted messa...