11 matches found
Mozilla Firefox Security Advisory (MFSA2017-21) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2017-7821
A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those...
CVE-2017-7821
CVE-2017-7821 : A vulnerability in Firefox (WebExtensions) allows downloading and attempting to open certain non-executable file types without user interaction, potentially triggering vulnerabilities in handlers for those document types. The issue affects Firefox versions older than 56 (per mfsa2...
CVE-2017-7821
A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those...
Mozilla Firefox WebExtensions can download and open non-executable files without user interaction(CVE-2017-7821)
CVE-2017-7821 "browser.downloads addon feature may be used for RCE" Steps: 1. Go to 'about:debugging' 2. Unpack attached PoC somewhere 3. Back in 'about:debugging' choose 'Load temp addon' and choose the poc 4. jar file is automatically downloaded and executed. We are able to download and execute...
Ubuntu: Security Advisory (USN-3435-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox < 56 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 56. It is, therefore, affected by multiple vulnerabilities, some of which allow code execution and potentially exploitable application crashes. C Tenable Network Security, Inc. include'compat.inc'; if...
Ubuntu: Security Advisory (USN-3435-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3435-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3435-2 advisory. USN-3435-1 fixed vulnerabilities in Firefox. The update caused the Flash plugin to crash in some circumstances. This update fixes the problem. We...
Firefox browser.downloads addon Remote Code Execute (PoC) Vulnerability
Exploit for multiple platform in category dos / poc CVE-2017-7821 "browser.downloads addon feature may be used for RCE" Steps: 1. Go to 'about:debugging' 2. Unpack attached PoC somewhere 3. Back in 'about:debugging' choose 'Load temp addon' and choose the poc 4. jar file is automatically download...
FreeBSD : mozilla -- multiple vulnerabilities (1098a15b-b0f6-42b7-b5c7-8a8646e8be07)
Mozilla Foundation reports : CVE-2017-7793: Use-after-free with Fetch API CVE-2017-7817: Firefox for Android address bar spoofing through fullscreen mode CVE-2017-7818: Use-after-free during ARIA array manipulation CVE-2017-7819: Use-after-free while resizing images in design mode CVE-2017-7824:...