24 matches found
SUSE CVE-2015-4478
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method...
Mozilla Firefox Security Advisory (MFSA2015-82) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
SUSE: Security Advisory (SUSE-SU-2015:1528-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1476-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2015:2081-1)
MozillaFirefox ESR was updated to version 38.4.0ESR to fix multiple security issues. MFSA 2015-116/CVE-2015-4513 Miscellaneous memory safety hazards rv:42.0 / rv:38.4 MFSA 2015-122/CVE-2015-7188 Trailing whitespace in IP address hostnames can bypass same-origin policy MFSA 2015-123/CVE-2015-7189...
Oracle: Security Advisory (ELSA-2015-1586)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1389-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED11 / SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2015:1528-1)
Mozilla Firefox is being updated to the current Firefox 38ESR branch specifically the 38.2.0ESR release. Security issues fixed : - MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader - MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety...
SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2015:1449-1) (Logjam)
Mozilla Firefox is being updated to the current Firefox 38ESR branch specifically the 38.2.0ESR release. Security issues fixed : - MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader - MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety...
openSUSE Security Update : MozillaThunderbird (openSUSE-2015-558)
This update to Thunderbird 38.2.0 fixes the following issues bnc940806 : - MFSA 2015-79/CVE-2015-4473 Miscellaneous memory safety hazards - MFSA 2015-80/CVE-2015-4475 bmo1175396 Out-of-bounds read with malformed MP3 file - MFSA 2015-82/CVE-2015-4478 bmo1105914 Redefinition of non-configurable...
openSUSE Security Update : MozillaThunderbird (openSUSE-2015-559)
This update to Thunderbird 38.2.0 fixes the following issues bnc940806 : - MFSA 2015-79/CVE-2015-4473 Miscellaneous memory safety hazards - MFSA 2015-80/CVE-2015-4475 bmo1175396 Out-of-bounds read with malformed MP3 file - MFSA 2015-82/CVE-2015-4478 bmo1105914 Redefinition of non-configurable...
Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2015) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2015) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
CVE-2015-4478
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method...
CVE-2015-4478
CVE-2015-4478 affects Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2. The issue arises when parsing JSON with JSON.parse and a reviver, which can redefine non-configurable properties on JavaScript objects and bypass the Same Origin Policy. Affected products: Firefox/ESR; root cause:...
CentOS Update for firefox CESA-2015:1586 centos5
Check the version of firefox SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882244";...
Firefox ESR < 38.2 Multiple Vulnerabilities (Mac OS X)
The version of Firefox ESR installed on the remote Mac OS X host is prior to 38.2. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist that allow a remote attacker, via a specially crafted web page, to corrupt memory and potentially execute...
[SECURITY] [DSA 3333-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3333-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2015 https://www.debian.org/security/faq -...