18 matches found
EUVD-2008-3822
Malware in sbrugna...
SUSE CVE-2008-3836
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the 1 elem.doCommand, 2 elem.dispatchEvent, 3 setTitleText, 4 setTitleImage, and 5 initSubscriptionUI functions...
SUSE CVE-2009-3079
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter...
Debian DSA-1886-1 : iceweasel - several vulnerabilities
Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3079 'mozbugra4' discovered that a programming error in the FeedWriter...
CVE-2009-3079
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter...
CVE-2009-3079
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter...
Command injection
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter...
CVE-2009-3079
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter...
Mozilla Foundation Security Advisory 2009-51
Mozilla Foundation Security Advisory 2009-51 Title: Chrome privilege escalation with FeedWriter Impact: Critical Announced: September 9, 2009 Reporter: mozbugra4 Products: Firefox Fixed in: Firefox 3.5.3 Firefox 3.0.14 Description Mozilla security researcher mozbugra4 reported that the...
Firefox 3.5.3 3.0.14 Chrome privilege escalation with FeedWriter
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter...
Chrome privilege escalation with FeedWriter — Mozilla
Mozilla security researcher mozbugra4 reported that the BrowserFeedWriter could be leveraged to run JavaScript code from web content with elevated privileges. Using this vulnerability, an attacker could construct an object containing malicious JavaScript and cause the FeedWriter to process the...
CVE-2009-1841
js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter...
Firefox JavaScript arbitrary code execution
js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter...
Debian DSA-1649-1 : iceweasel - several vulnerabilities
Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overfl...
CVE-2008-3836
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the 1 elem.doCommand, 2 elem.dispatchEvent, 3 setTitleText, 4 setTitleImage, and 5 initSubscriptionUI functions...
CVE-2008-3836
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the 1 elem.doCommand, 2 elem.dispatchEvent, 3 setTitleText, 4 setTitleImage, and 5 initSubscriptionUI functions...
CVE-2008-3836
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the 1 elem.doCommand, 2 elem.dispatchEvent, 3 setTitleText, 4 setTitleImage, and 5 initSubscriptionUI functions...
Privilege escalation using feed preview page and XSS flaw — Mozilla
Mozilla security researcher mozbugra4 reported a series of vulnerabilities in feedWriter which allow scripts from page content to run with chrome privileges...