16 matches found
Mozilla Firefox 3.6 mChannel Use-After-Free Vulnerability
Mozilla Firefox 3.6 is prone to a use-after-free vulnerability in OBJECT mChannel that allows an attacker to execute arbitrary code. Title: Firefox 3.6 Universal function exploit var foo=document.getElementById"exploit";...
Mozilla Firefox 3.6 mChannel Use-After-Free
Title: Firefox 3.6 Universal function exploit var foo=document.getElementById"exploit"; e.QueryInterfaceComponents.interfaces.nsIChannelEventSink.onChannelRedirectnull,new Object,0; var vftable = unescape"\x00% u0c10"; var shellcode =...
Mozilla Firefox 3.6.x < 3.6.28 Multiple Vulnerabilities
Binary data 6351.prm...
CVE-2011-0075
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...
CVE-2010-1212
js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 propagation of deep aborts in...
CVE-2010-1203
The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp...
Mozilla Firefox 3.6.x < 3.6.4 Multiple Vulnerabilities
Binary data 5580.prm...
Content-Disposition: attachment ignored if Content-Type: multipart also present
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting XSS...
Design/Logic Flaw
The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service...
Cross site scripting
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via vectors that are specific to each affected plugin...
CVE-2010-0168
Technical details for CVE-2010-0168 are not provided in the supplied documents. The materials reference Firefox historical fixes and related advisories but do not describe affected components, root cause, impact, or remediation for this CVE. Monitor for updates.
CVE-2010-1121
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collectio...
Mozilla Firefox Unspecified Vulnerability (Windows)
The host is running Mozilla Firefox and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: secpodfirefoxunspecifiedvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Mozilla Firefox Unspecified Vulnerability Windows Authors: Madhuri D Copyright: Copyright c 2010 SecPod,...
Integer overflow
Integer overflow in the decompression functionality in the Web Open Fonts Format WOFF decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vdff modul...
Mozilla Firefox 3.6 - XML Parser Memory Corruption (PoC) Denial of Service
Mozilla Firefox 3.6 - XML Parser Memory Corruption PoC Denial of Service Firefox 3.6XML parsermemory corruption PoC/Dos by d3b4g From tiny islands of maldivies Tested: version 3.6 Tested on windows XP SP3 20-01-2010 This same bug was in early version of firfox,found by Wojciech Pawlikowski This i...
Mozilla Firefox 3.6 - XML Parser Memory Corruption (PoC) / Denial of Service
Firefox 3.6XML parsermemory corruption PoC/Dos by d3b4g From tiny islands of maldivies Tested: version 3.6 Tested on windows XP SP3 20-01-2010 This same bug was in early version of firfox,found by Wojciech Pawlikowski This is just a update. This vulnerability cause a denial of service memory...