43 matches found
CVE-2022-45407
If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...
CVE-2022-45407
If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...
Mozilla Firefox < 107.0
The version of Firefox installed on the remote Windows host is prior to 107.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-47 advisory. - Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safe...
Security Vulnerabilities fixed in Firefox 107 — Mozilla
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. Through a series of popup and window.print calls, an...
Apple Safari FontFace Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Denial Of Service (DoS)
Mozilla Firefox is vulnerable to use-after-free vulnerability. This occurs when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts resulting a potentially exploitable crash...
CVE-2017-5402
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5402
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Design/Logic Flaw
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5402
CVE-2017-5402 is a use-after-free in FontFace event handling that can crash Firefox/Thunderbird when a FontFace object is destroyed but events are fired. Affected products and versions include Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird
CVE-2017-5402
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5402
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Chrome Security: Universal XSS through removing link elements (CVE-2017-5010)
VULNERABILITY DETAILS When a link element is notified about its removal from the tree and the linked stylesheet happens to be the last pending one in the document, the fragment anchor may be updated, which triggers layout updates when it should be forbidden. In special circumstances, the updates...
Updated thunderbird packages fix security vulnerability
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. CVE-2017-5400 A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may...
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2017:0714-1)
This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed bsc1028391 : - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js...
Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Mozilla Firefox < 52.0 Multiple Vulnerabilities
The version of Mozilla Firefox installed on the remote Windows host is prior to 52.0. It is, therefore, affected by multiple vulnerabilities : - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, Andre Bargull, Kan-Ru Chen, and...
Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5402
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...