9 matches found
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8348)
MozillaFirefox was updated to the 10.0.10ESR security release. The following issues have been fixed: - Mozilla has fixed a number of issues related to the Location object in order to enhance overall security. Details for each of the current fixed issues are below. MFSA 2012-90 Thunderbird is onl...
CentOS 5 / 6 : firefox (CESA-2012:1407)
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity rating...
Chrome privilege escalation in XPCVariant::VariantDataToJS() — Mozilla
Mozilla security researcher mozbugra4 reported that the XPCOM utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects before returning them to chrome callers. This could result in chrome privileged code calling methods on an object which had previously been created or modified by web...
Mozilla Foundation Security Advisory 2008-39
Mozilla Foundation Security Advisory 2008-39 Title: Privilege escalation using feed preview page and XSS flaw Impact: Critical Announced: September 23, 2008 Reporter: mozbugra4 Products: Firefox Fixed in: Firefox 2.0.0.17 Description Mozilla security researcher mozbugra4 reported a series of...
XPCNativeWrapper pollution using Script object — Mozilla
Mozilla security researcher mozbugra4 reported that it was possible to use the Script object to modify XPCNativeWrappers in such a way that subsequent access by the browser chrome--such as by right-clicking to open a context menu--can cause attacker-supplied JavaScript to run with the same...
Mozilla Foundation Security Advisory 2007-21
Mozilla Foundation Security Advisory 2007-21 Title: Privilege escalation using an event handler attached to an element not in the document Impact: Critical Announced: July 17, 2007 Reporter: mozbugra4 Products: Firefox Fixed in: Firefox 2.0.0.5 Description An attacker can use an element outside ...
Privilege escalation using addSelectionListener — Mozilla
Web content could access the nsISelectionPrivate interface of the Selection object and use it to add a SelectionListener. The listener would be called when the user did a "Find" on the page or a "select all", and as intended this shouldn't cause any problems. But as with escaping the PAC sandbox ...
firefoxSploit-2.txt
Proof-of-Concept for Firefox 1.0.3 - by mozbugra4 // it needs chrome privilege to get |Components.stack| var code = "alert'Exploit!\n\n' + Components.stack;"; var evalCode = code.replace/'/g, '"'.replace/\/g, '\\'; var scriptCode = "arguments.callee.parent.eval'" + evalCode + "';'';"; var...
Mozilla Suite And Firefox - DOM Property Overrides Code Execution
source: https://www.securityfocus.com/bid/13645/info Mozilla Suite and Mozilla Firefox are affected by a code-execution vulnerability. This issue is due to a failure in the application to properly verify Document Object Model (DOM) property values. An attacker may leverage this issue to execute...