7 matches found
openSUSE Security Update : seamonkey (openSUSE-SU-2011:1290-1)
SeaMonkey was upgraded to version 2.5 in order to fix the following security problems : - MFSA 2011-47/CVE-2011-3648 bmo690225 Potential XSS against sites using Shift-JIS - MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards - MFSA 2011-49/CVE-2011-3650...
Mozilla Firefox 7.0 Multiple Vulnerabilities
Binary data 801321.prm...
Mozilla Foundation Security Advisory 2011-50
Mozilla Foundation Security Advisory 2011-50 Title: Cross-origin data theft using canvas and Windows D2D Impact: High Announced: November 8, 2011 Reporter: Products: Firefox, Thunderbird Fixed in: Firefox 8.0 Thunderbird 8.0 Description Mozilla developer Bas Schouten reported that the introductio...
CVE-2011-3649
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D aka D2D API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE:...
CVE-2011-3649
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D aka D2D API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE:...
CVE-2011-3649
CVE-2011-3649 affects Mozilla Firefox 7.0 and Thunderbird 7.0 on Windows when using Direct2D with the Azure graphics backend, allowing cross-origin image data to be read via a manipulated canvas (Same Origin Policy bypass). The issue stems from a regression introduced by CVE-2011-2986. According ...
CVE-2011-3649
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D aka D2D API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE:...