6 matches found
EUVD-2020-7651
Malware in sbrugna...
SUSE CVE-2020-15664
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2021-0137)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This...
Design/Logic Flaw
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
CVE-2020-15664
The CVE-2020-15664 issue arises from a malicious page holding a reference to eval() from an about:blank window, allowing access to InstallTrigger and prompting users to install an extension. Affected products include Firefox < 80, Thunderbird < 78.2/68.12, Firefox ESR < 68.12/78.2, and F...
CVE-2020-15664
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...