Unspecified Vulnerability in Mozilla Firefox (CNVD-2024-41049)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox that stems from a compromised content process that could allow arbitrary loading of cross-origin pages. No details of the vulnerability are provided a...

firefox: thunderbird: Compromised content process can bypass site isolation

The Mozilla Foundation's Security Advisory: A compromised content process could allow for the arbitrary loading of cross-origin pages...

CVE-2024-9392

The Mozilla Foundation's Security Advisory: A compromised content process could allow for the arbitrary loading of cross-origin pages...

CVE-2024-9392

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9392

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9392

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9392

CVE-2024-9392 impacts Firefox and Thunderbird before version 131 (and ESR before 128.3/115.16) where a compromised content process could bypass site isolation and load cross-origin content. This could enable cross-origin access to PDF/JSON via multipart responses and, in some cases, broader arbit...

Security Vulnerabilities fixed in Firefox 131 — Mozilla

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible.This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffecte...

Mozilla Thunderbird < 131.0

The version of Thunderbird installed on the remote Windows host is prior to 131.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-50 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...

Mozilla Firefox ESR < 128.3

The version of Firefox ESR installed on the remote Windows host is prior to 128.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-47 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...

Mozilla Thunderbird < 131.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 131.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-50 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...