Privilege Escalation

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Errors in the handling of CORS preflight request headers — Mozilla

Mozilla developer Ehsan Akhgari reported two issues with Cross-origin resource sharing CORS "preflight" requests...

Spoofing attack on WebRTC permission prompt — Mozilla

Mozilla developer Ehsan Akhgari reported a spoofing attack where the permission prompt for a WebRTC session can appear to be from a different site than its actual originating site if a timed navigation occurs during the prompt generation. This allows an attacker to potentially gain access to the...