3 matches found
Mozilla Foundation Security Advisory 2008-54
Mozilla Foundation Security Advisory 2008-54 Title: Buffer overflow in http-index-format parser Impact: Critical Announced: November 12, 2008 Reporter: Justin Schuh Products: Firefox, SeaMonkey Fixed in: Firefox 3.0.4 Firefox 2.0.0.18 SeaMonkey 1.1.13 Description Justin Schuh of the IBM X-Force...
Mozilla Foundation Security Advisory 2008-48
Mozilla Foundation Security Advisory 2008-48 Title: Image stealing via canvas and HTTP redirect Impact: High Announced: November 12, 2008 Reporter: Georgi Guninski, Michal Zalewski, Chris Evans Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.18 Thunderbird 2.0.0.18 SeaMonkey...
Mozilla -moz-binding property bypasses security checks on codebase principals
Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file...