3 matches found
Ubuntu 5.10 / 6.06 LTS / 6.10 : firefox vulnerabilities (USN-428-1)
Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious website could exploit these to modify the contents or steal confidential data such as passwords from other opened web pages. CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981,...
Design/Logic Flaw
Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address bar, favicons, and document source, and perform updates in the context of arbitrary websites, by repeatedly setting document.location in the onunload attribute when linking to another website, a variant of CVE-2007-1092...
CVE-2007-1092
CVE-2007-1092 affects Mozilla Firefox 1.5.0.9 and 2.0.0.1 and SeaMonkey before 1.0.8. The issue stems from JavaScript onUnload handlers that can modify the document structure, causing memory corruption due to the absence of a finalize hook on DOM window objects, enabling remote code execution. Re...