21 matches found
CVE-2021-29975
Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain with the new domain correctly shown in the address bar resulting in possible user confusion. This vulnerability affects Firefox ...
CVE-2021-29975
Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain with the new domain correctly shown in the address bar resulting in possible user confusion. This vulnerability affects Firefox ...
Mozilla Firefox < 90.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 90.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-28 advisory. - If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host -...
Memory Corruption
Firefox is vulnerable to memory corruption attacks. This occurs during DOM manipulations of accessibility tree through script, the DOM tree can become out sync with the accessibility tree, crashing the application which results in denial of service...
CVE-2017-5464
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Potential use-after-free during DOM manipulations (MFSA 2017-02)
A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...
Mozilla Firefox Security Advisories (MFSA2017-01, MFSA2017-02) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Microsoft Internet Explorer Type Confusion Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CTreePos Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with the...
CVE-2011-0116
Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to DO...
Design/Logic Flaw
Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to DO...
CVE-2011-0116
Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to DO...
Memory corruption
The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a...
CVE-2011-0115
The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a...
ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability
ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-097 March 2, 2011 -- CVE ID: CVE-2011-0116 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple WebKit --...
CVE-2010-2661
Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations...
CVE-2010-2661
Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations...
CVE-2010-2661
Opera before 10.54 (Windows/Mac) and before 10.60 (Unix) does not properly restrict access to the full pathname of a file selected for upload, potentially exposing sensitive information via DOM manipulations. Affected components/versions include the described Opera releases; CVE-2010-2661 is the ...