83 matches found
CVE-2024-0748
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox 122...
UBUNTU-CVE-2024-0748
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox 122...
CVE-2024-0748
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox 122...
CVE-2024-0748
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox 122...
Mozilla: Out-of-bounds write in PathOps
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: A compromised content process could have provided malicious data in a PathRecording, resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process...
Mozilla: Out-of-bounds write in PathOps
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: A compromised content process could have provided malicious data in a PathRecording, resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process...
Mozilla: Out-of-bounds write in PathOps
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: A compromised content process could have provided malicious data in a PathRecording, resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process...
CVE-2023-5169
A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5169
A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
CVE-2023-5169
A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
CVE-2023-5168
A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects...
CVE-2023-5168
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: A compromised content process could have provided malicious data to FilterNodeD2D1, resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process...
SUSE CVE-2023-5169
A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
CVE-2022-28281
If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and...
CVE-2022-46872
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...
RHEL 8 : thunderbird (RHSA-2022:9074)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9074 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Security Fixes: Mozilla:...
RHEL 8 : firefox (RHSA-2022:9068)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9068 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 9 : firefox (RHSA-2022:9066)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9066 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Mozilla: Arbitrary file read from a compromised content process
The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...