2 matches found
-moz-binding property bypasses security checks on codebase principals — Mozilla
Security researcher Collin Jackson reported that the -moz-binding CSS property can be used to bypass security checks which validate codebase principals. Similar to the issue reported in MFSA 2008-23, Jackson demonstrated that an attacker can replace a stylesheet in a signed JAR which uses relativ...
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5411)
Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs including following security bugs : CVE-2008-2798 CVE-2008-2799 MFSA-2008-21: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these...