Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects

POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

UBUNTU-CVE-2018-12364

NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery CSRF attacks. This vulnerability affects Thunderbird 60,...

UBUNTU-CVE-2016-1966

The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer dereference and memory corruption via a crafted NPAPI plug...

xloadimage 4.1 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3006/info xloadimage is a utility used for displaying images of varying formats on X11 servers. xloadimage and possibly derivatives such as 'xli' contain a buffer overflow vulnerability in the handling of the 'Faces...

Netscape/Mozilla Navigator Plugin Path Disclosure (deprecated)

Binary data 1313.prm...

Дырка в Macromedia Flash

Переполнение буфреа в плагине к Netscape...

Переполнение буфера в MacroMedia Flash-плагине для Netscape

Переполнение буфера в strcpy...