43 matches found
Mozilla: Potential leak of redirect targets when loading scripts in a worker
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox 79, Firefox ESR 68.11, Firefox ESR 78.1, Thunderbird 68.11, and Thunderbi...
Mozilla: Potential leak of redirect targets when loading scripts in a worker
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox 79, Firefox ESR 68.11, Firefox ESR 78.1, Thunderbird 68.11, and Thunderbi...
UBUNTU-CVE-2020-15652
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox 79, Firefox ESR 68.11, Firefox ESR 78.1, Thunderbird 68.11, and Thunderbi...
Security Vulnerabilities fixed in Firefox ESR 68.11 — Mozilla
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. WebRTC used the memory address of a class instance as a connection identifier. Unfortunately, this value is...
Fedora 26 : wordpress (2018-19c693fd9a)
Upstream announcement : WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is...
Fedora 27 : wordpress (2018-48da15ea59)
Upstream announcement : WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is...
FreeBSD : wordpress -- multiple issues (c04dc18f-fcde-11e7-bdf6-00e04c1ea73d)
wordpress developers reports : JavaScript errors that prevented saving posts in Firefox have been fixed. The previous taxonomy-agnostic behavior of getcategorylink and categorydescription was restored. Switching themes will now attempt to restore previous widget assignments, even when there are n...
openSUSE Security Update : cacti / cacti-spine (openSUSE-2017-999)
This update for cacti and cacti-spine fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2017-12927: Cross-site scripting vulnerability in methodparameter bsc1054390 - CVE-2017-12978:Cross-site scripting vulnerability via the title field bsc1054742 It also contains a...
CVE-2007-2176
Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175...
Fedora 19 : phpMyAdmin-4.2.12-1.fc19 (2014-15535)
phpMyAdmin 4.2.12.0 2014-11-20 ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Ed...
Fedora 18 : ReviewBoard-1.7.18-1.fc18 / python-djblets-0.7.23-1.fc18 (2013-20817)
Fix JavaScript errors - New upstream security release 1.7.17 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.17/ - Resolves: CVE-2013-4519 - Security Fixes : - Fixed XSS vulnerabilities for the 'Branch' field and uploaded file captions. - Added a 'X-Frame-Options' header to...
Mozilla Firefox < 12.0 Multiple Vulnerabilities
Binary data 6790.prm...
SeaMonkey 2.x < 2.9.0 Multiple Vulnerabilities
Binary data 6791.prm...
Mozilla Thunderbird < 12 Multiple Vulnerabilities
Binary data 801261.prm...
Ubuntu 10.04 LTS / 11.04 / 11.10 : ubufox update (USN-1430-2)
USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety...
Firefox < 12.0 Multiple Vulnerabilities (Mac OS X)
The installed version of Firefox is earlier than 12.0 and thus, is potentially affected by the following security issues : - An error exists with handling JavaScript errors that can lead to information disclosure. CVE-2011-1187 - An off-by-one error exists in the 'OpenType Sanitizer' which can le...
Thunderbird < 12.0 Multiple Vulnerabilities (Mac OS X)
The installed version of Thunderbird is earlier than 12.0 and thus, is potentially affected by the following security issues : - An error exists with handling JavaScript errors that can lead to information disclosure. CVE-2011-1187 - An off-by-one error exists in the 'OpenType Sanitizer' which ca...
Firefox < 12.0 Multiple Vulnerabilities
The installed version of Firefox is earlier than 12.0 and thus, is potentially affected by the following security issues : - An error exists with handling JavaScript errors that could lead to information disclosure. CVE-2011-1187 - An off-by-one error exists in the 'OpenType Sanitizer' that could...
Mozilla Thunderbird < 12.0 Multiple Vulnerabilities
The installed version of Thunderbird is earlier than 12.0 and thus, is potentially affected by the following security issues : - An error exists with handling JavaScript errors that could lead to information disclosure. CVE-2011-1187 - An off-by-one error exists in the 'OpenType Sanitizer' that...
HTTP Redirections and remote content can be read by javascript errors — Mozilla
Security researcher Daniel Divricean reported that a defect in the error handling of javascript errors can leak the file names and location of javascript files on a server, leading to inadvertent information disclosure and a vector for further attacks...