Electron: Use-after-free in WebContents fullscreen, pointer-lock, and keyboard-lock permission callbacks

Impact Apps that register an asynchronous session.setPermissionRequestHandler may be vulnerable to a use-after-free when handling fullscreen, pointer-lock, or keyboard-lock permission requests. If the requesting frame navigates or the window closes while the permission handler is pending, invokin...

Mozilla: Fullscreen notification obscured

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. This could have led to user confusion and possible spoofing attack...

USN-5880-2 firefox regressions

USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attribute...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When resizing a popup and requesting fullscreen access, the popup would have become unable to leave fullscreen mode...