14 matches found
Mozilla: Extensions could have bypassed permission confirmation during update
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: If a user installed a particular type of extension, the extension could have auto-updated itself, and while doing so may have bypassed the prompt which grants the new version the new requested permission...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: Extensions could have bypassed permission confirmation during update
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: If a user installed a particular type of extension, the extension could have auto-updated itself, and while doing so may have bypassed the prompt which grants the new version the new requested permission...
Mozilla: Extensions could have bypassed permission confirmation during update
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: If a user installed a particular type of extension, the extension could have auto-updated itself, and while doing so may have bypassed the prompt which grants the new version the new requested permission...
User Agent String Switcher Service - XSS Vulnerabilities
Document Title: =============== User Agent String Switcher Service - XSS Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2189 Release Date: ============= 2019-08-13 Vulnerability Laboratory ID VL-ID: ====================================...
Dennis Fisher and Mike Mimoso Discuss Patch Tuesday, Facebook's ThreatExchange and More
Dennis Fisher and Mike Mimoso discuss Patch Tuesday, the Facebook ThreatExchange platform, Mozilla’s extension signing plan, plus questions from readers! Music by Chris Gonsalves Download: digitalunderground185.mp3...
Fedora Update for mozvoikko FEDORA-2011-13422
Check for the Version of mozvoikko OpenVAS Vulnerability Test Fedora Update for mozvoikko FEDORA-2011-13422 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
[SECURITY] Fedora 13 Update: mozvoikko-1.0-14.fc13
This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...
[SECURITY] Fedora 13 Update: mozvoikko-1.0-11.fc13
This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...
[SECURITY] Fedora 11 Update: mozvoikko-0.9.7-0.7.rc1.fc11
This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...
[SECURITY] Fedora 11 Update: mozvoikko-0.9.7-0.6.rc1.fc11
This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...
[SECURITY] Fedora 10 Update: mozvoikko-0.9.5-12.fc10
This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...
[SECURITY] Fedora 10 Update: mozvoikko-0.9.5-11.fc10
This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...
[Full-disclosure] Fizzle : Firefox Extension Vulnerability
Fizzle allows feeds to use HTML in feed data resulting in JavaScript being run in the chrome: window with chrome permissions. The extension will convert HTML entities back to their ASCII equivalents thus becomes and so forth. Various feeds fields are vulnerable including the title which allows th...