Mozilla -- Denial-of-service

https://bugzilla.mozilla.org/showbug.cgi?id=2025583 reports: Denial-of-service in the Audio/Video: Playback component...

EUVD-2002-2239

Malware in sbrugna...

Kinto Attachment's attachments can be replaced on read-only records

Impact The attachment file of an existing record can be replaced if the user has "read" permission on one of the parent collection or bucket. And if the "read" permission is given to "system.Everyone" on one of the parent, then the attachment can be replaced on a record using an anonymous request...

Mozilla Firefox ESR RSA Spoof Vulnerability (Sep 2014) - Windows

Mozilla Firefox ESR is prone to spoof vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox 8/9 - 'AttributeChildRemoved()' Use-After-Free (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Firefox 8/9...

CVE-2002-2260

Vulnerability context (CVE-2002-2260) : Mozilla Bugzilla's quips feature is affected in versions 2.10–2.17, where an XSS vulnerability exists that lets remote attackers inject arbitrary script/HTML via the “show all quips” page. Several connected sources (including Debian’s DSA-218-1 and OpenVAS ...

CVE-2002-2260

Cross-site scripting XSS vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page...

CVE-2002-2260

Cross-site scripting XSS vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page...