EUVD-2015-7903

Malware in sbrugna...

The vulnerability affects the implementation of the COOKIE-ECHO extension for WebRTC browsers such as Google Chrome, Mozilla Firefox, Firefox ESR, and Firefox for Android. This vulnerability allows a perpetrator to cause a service failure or execute arbitrary code.

The vulnerability of the COOKIE-ECHO extension implementation in WebRTC browsers such as Google Chrome, Mozilla Firefox, Firefox ESR, and Firefox for Android is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure or...

CVE-2015-8007

The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demonstrated by viewing a hidden username in a Thanks notification...

Design/Logic Flaw

The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demonstrated by viewing a hidden username in a Thanks notification...

CVE-2015-8007

The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demonstrated by viewing a hidden username in a Thanks notification...

CVE-2015-8007

Affected software/component: MediaWiki Echo extension. Vulnerability: improper implementation of the hideuser functionality, enabling remote authenticated users to see hidden usernames in certain notifications. Impact (as described): exposure of hidden usernames in “non-revision based” notificati...