8 matches found
SUSE CVE-2012-4193
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same...
CVE-2018-17703
Foxit Reader (Windows) is affected, including version 9.2.0.9297 and earlier, with vulnerabilities tied to the handling of the defaultValue property of ComboBox objects. The underlying flaw is a failure to validate the existence of an object before performing operations, resulting in a use-after-...
Same Origin Policy Bypass
xulrunner is vulnerable to same origin policy bypass attacks. It omits a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary...
Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-21843)
Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of the defaultValue property of the ComboBox object in Foxit Reader...
WebKit JSC - ObjectPatternNode::appendEntry Stack Use-After-Free
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1256 Here's a snippet of ObjectPatternNode::appendEntry. void appendEntry(const JSTokenLocation&, ExpressionNode* propertyExpression, DestructuringPatternNode* pattern,...
XrayWrappers can be bypassed to run user defined methods in a privileged context — Mozilla
Mozilla security researcher mozbugra4 reported that XrayWrappers can be bypassed to call content-defined toString and valueOf methods through DefaultValue. This can lead to unexpected behavior when privileged code acts on the incorrect values...
defaultValue security checks not applied — Mozilla
Mozilla security researcher mozbugra4 reported a regression where security wrappers are unwrapped without doing a security check in defaultValue. This can allow for improper access to the Location object. In versions 15 and earlier of affected products, there was also the potential for arbitrary...
FreeBSD : mozilla -- multiple vulnerabilities (6e5a9afd-12d3-11e2-b47d-c8600054b392)
The Mozilla Project reports: MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8); MFSA 2012-75 select element persistance allows for attacks; MFSA 2012-76 Continued access to initial origin after setting document.domain; MFSA 2012-77 Some DOMWindowUtils methods bypass security check...