9 matches found
GHSA-QXJP-W3PJ-48M7 Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API
Summary The safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes giframe, fback, fbuiltins do NOT start with underscore, enabling a complete sandbox escape to achieve...
CVE-2013-1738
Use-after-free vulnerability in the JSGetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and...
Design/Logic Flaw
Use-after-free vulnerability in the JSGetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and...
CVE-2013-1738
CVE-2013-1738 describes a use-after-free in Mozilla’s JS_GetGlobalForScopeChain, enabling remote code execution via mismanaged garbage collection in default compartments during frame-chain restoration. Affected products from the provided data include Mozilla Firefox (before 24.0), Thunderbird (be...
CVE-2013-1738
Use-after-free vulnerability in the JSGetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and...
CVE-2013-1738
Use-after-free vulnerability in the JSGetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and...
Memory corruption
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 the frame chain and synchronous events, 2 a SetMayHaveFrame assertion and...
Mozilla Browser engine crashes
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 the frame chain and synchronous events, 2 a SetMayHaveFrame assertion and...
CVE-2009-2462
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 the frame chain and synchronous events, 2 a SetMayHaveFrame assertion and...