10 matches found
Mozilla Firefox Security Advisory (MFSA2012-22) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Chrome Universal XSS using IDBKeyRange static methods(CVE-2015-1268)
VULNERABILITY DETAILS Calling an object-returning static method with a cross-origin thing passed as |this| yields an object wrapped in the cross-origin scope. This is because FunctionCallbackInfo ends up with a cross-origin holder, and the holder acts as a creation context for the return value in...
openSUSE Security Update : MozillaFirefox / MozillaThunderbird / seamonkey / etc (openSUSE-SU-2012:0567-1)
Changes in xulrunner : - update to 12.0 bnc758408 - rebased patches - MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards - MFSA 2012-22/CVE-2012-0469 bmo738985 use-after-free in IDBKeyRange - MFSA 2012-23/CVE-2012-0470 bmo734288 Invalid frees causes heap corruption in...
Mozilla Firefox < 12.0 Multiple Vulnerabilities
Binary data 6790.prm...
Mozilla SeaMonkey 2.x < 2.9.0 Multiple Vulnerabilities
Binary data 801320.prm...
Mozilla Multiple Products IDBKeyRange Use-After-Free (CVE-2012-0469)
A use-after-free vulnerability has been reported in Mozilla Firefox, Thunderbird, and SeaMonkey...
Firefox < 12.0 Multiple Vulnerabilities (Mac OS X)
The installed version of Firefox is earlier than 12.0 and thus, is potentially affected by the following security issues : - An error exists with handling JavaScript errors that can lead to information disclosure. CVE-2011-1187 - An off-by-one error exists in the 'OpenType Sanitizer' which can le...
CVE-2012-0469
CVE-2012-0469 is a use-after-free in Mozilla Firefox/Thunderbird/SeaMonkey components involving the IndexedDB IDBKeyRange cycleCollection Trace path. Affects Firefox 4.x–11.0, ESR 10.x before 10.0.4, Thunderbird 5.0–11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9. Root cause: u...
Mozilla: use-after-free in IDBKeyRange (MFSA 2012-22)
Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to...
use-after-free in IDBKeyRange — Mozilla
Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. When it is destroyed, this causes a use-after-free, which is potentially exploitable...