6 matches found
Cross-site Scripting (XSS)
Firefox, Firefox ESR and Thunderbird are vulnerable to cross-site scripting XSS attacks. A remote user can bypass inline JavaScript Content Security Policy CSP and cause event handlers on marquee elements to be executed resulting in arbitrary code to execution. The affected component is Marquee T...
Mozilla: CSP bypass using marquee tag (MFSA 2016-94, MFSA 2016-95)
Event handlers on "marquee" elements were executed despite a strict Content Security Policy CSP that disallowed inline JavaScript. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
Mozilla: CSP bypass using marquee tag (MFSA 2016-94, MFSA 2016-95)
Event handlers on "marquee" elements were executed despite a strict Content Security Policy CSP that disallowed inline JavaScript. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)
Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...
marquee.txt
Guy's the marquee tag dos exploit also afest's ie and opera also here is proof of concept credit's n00b and all that helped. This is for opera and ie. Ie voulnrability credit's to n00b and every-one who helped. /marque...
Fire fox dos exploit
I have found a problem which causes denial of service on fire fox browser Creadit:to n00b for finding this bug.. the problem lie's in the marquee html tag uses 100 cpu and crash's the browser.. Following proof of concept available html head titleCredit to n00b../title meta http-equiv="Content-Typ...