9 matches found
Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1254-1)
It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Thunderbird 3.1. An attacker could potentially exploit a user who had installed an add-on that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the...
Ubuntu Update for firefox USN-1251-1
Ubuntu Update for Linux kernel vulnerabilities USN-1251-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12511.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for firefox USN-1251-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
CVE-2011-3647
The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain...
Mozilla Firefox and SeaMonkey 'loadSubScript()' Security Bypass Vulnerability
The host is installed with Mozilla firefox/seamonkey and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsloadsubscriptsecbypassvulnwin.nasl 7029 2017-08-31 11:51:40Z teissa $ Mozilla Firefox and SeaMonkey 'loadSubScript' Security Bypass Vulnerability Windo...
Mozilla Foundation Security Advisory 2011-43
Mozilla Foundation Security Advisory 2011-43 Title: loadSubScript unwraps XPCNativeWrapper scope parameter Impact: Critical Announced: September 27, 2011 Reporter: David Rees Products: Firefox, SeaMonkey Fixed in: Firefox 7.0 SeaMonkey 2.4 Description David Rees reported that the JSSubScriptLoade...
CVE-2011-3004
The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping...
Ubuntu: Security Advisory (USN-1222-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2011-3004
The CVE-2011-3004 issue affects Mozilla Firefox 4.x–6 and SeaMonkey before 2.4, where the JSSubScriptLoader fails to properly handle XPCNativeWrappers during loadSubScript calls. This weakens the add-on boundary, allowing a crafted web site to exploit unwrapping behavior and escalate privileges. ...
Mozilla Firefox < 7.0 Multiple Vulnerabilities
Binary data 6028.prm...