7 matches found
SUSE-SU-2019:1388-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694:...
Mozilla Firefox ESR Security Advisories (MFSA2019-09, MFSA2019-14) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Nasty Data-Stealing Bug Haunts Internet Explorer 8
There’s an unpatched vulnerability in Internet Explorer 8 that enables simple data-stealing attacks by Web-based attackers and could lead to an attacker hijacking a user’s authenticated session on a third-party site. The flaw, which a researcher said may have been known since 2008, lies in the wa...
FreeBSD : mozilla -- multiple vulnerabilities (8c2ea875-9499-11df-8e32-000f20797ede)
The Mozilla Project reports : MFSA 2010-34 Miscellaneous memory safety hazards rv:1.9.2.7/ 1.9.1.11 MFSA 2010-35 DOM attribute cloning remote code execution vulnerability MFSA 2010-36 Use-after-free error in NodeIterator MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code...
Google Chrome < 4.0.249.78 Multiple Vulnerabilities
Binary data 5328.pasl...
Google Chrome < 4.0.249.78 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 4.0.249.78. Such versions are reportedly affected by multiple vulnerabilities : - A pop-up blocker bypass. Issue 3275 - Cross-domain theft due to CSS design error. Issue 9877 - Browser memory error with stale pop-up block...
Cross-domain data theft with CSS load
CSS can be loaded cross-domain, and in some cases it is be possible to read the data pointed to, leading to the possibility of cross-domain data theft...