firefox -- multiple vulnerabilities

[email protected] reports: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack...

Mozilla Firefox and Thunderbird Security Bypass Vulnerability

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in Mozilla Firefox and Thunderbird, caused by an error related to capturing form validation pop-ups for escape k...

SUSE CVE-2010-1422

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle changes to keyboard focus that occur during processing of key press events, which allows remote attackers to force arbitrary key presses via a crafted HTML docume...

SUSE CVE-2017-5460

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVE-2018-15002

The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app versionCode=25, versionName=7.1.2 that contains an...

DEBIAN-CVE-2017-5460

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

Design/Logic Flaw

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVE-2017-5460

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

UBUNTU-CVE-2017-5460

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVE-2017-5460

A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

A combination of clicks and key presses can lead to cross site scripting or code execution

When a user double clicks on a page, they may expect the two clicks to target the same object. If a page uses the first click to open a pop-up window in a predictable location, the second click may focus parts of the new window, such as its address field. If the page can then convince the user to...

Mandriva Update for kdebase MDKSA-2007:138 (kdebase)

Check for the Version of kdebase OpenVAS Vulnerability Test Mandriva Update for kdebase MDKSA-2007:138 kdebase Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandrake Linux Security Advisory : kdebase (MDKSA-2007:138)

An issue with the interaction between the Flash Player and the Konqueror web browser was discovered, which could lead to key presses leaking to the Flash Player instead of to the browser. This only affects users who have actually installed the Adobe Flash Player plugin. Updated packages have been...

Important: Red Hat Security Advisory: kdebase security update

Updated kdebase packages that resolve an interaction security issue with Adobe Flash Player are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environmen...

MacOS X screensaver protection bypass

Keys pressed shortly before the authentication window appears will be sent to the general user environment...

CVE-2002-1763

The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session...