18 matches found
User-After-Free
firefox is vulnerable touse-after-free vulnerability. The vulnerability exists in the nsFrameManager::CaptureFrameState function and remote attackers can execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation...
CVE-2016-5274
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model...
CVE-2016-5274
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model...
CVE-2016-5274
Mozilla Firefox (and Thunderbird <45.4) is affected by CVE-2016-5274 due to a use-after-free in nsFrameManager::CaptureFrameState, allowing remote attackers to execute arbitrary code by exploiting interactions between restyling and the Web Animations model. Affected products/versions: Firefox ...
CVE-2016-5274
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model...
Memory corruption
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 the frame chain and synchronous events, 2 a SetMayHaveFrame assertion and...
CVE-2009-2462
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to 1 the frame chain and synchronous events, 2 a SetMayHaveFrame assertion and...
Debian DSA-1696-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer...
Debian Security Advisory DSA 1671-1 (iceweasel)
The remote host is missing an update to iceweasel announced via advisory DSA 1671-1. OpenVAS Vulnerability Test $Id: deb16711.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1671-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian DSA-1671-1 : iceweasel - several vulnerabilities
Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0017 Justin Schuh discovered that a buffer overflow in the http-index-forma...
Mozilla crash and remote code execution in nsFrameManager
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
Mozilla Thunderbird < 2.0.0.18 Multiple Vulnerabilities
The installed version of Thunderbird is earlier than 2.0.0.18. Such versions are potentially affected by the following security issues : - The canvas element can be used in conjunction with an HTTP redirect to bypass same-origin restrictions and gain access to the content in arbitrary images from...
Mozilla Foundation Security Advisory 2008-55
Mozilla Foundation Security Advisory 2008-55 Title: Crash and remote code execution in nsFrameManager Impact: Critical Announced: November 12, 2008 Reporter: ling and wushi of team509 via TippingPoint Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.4 Firefox 2.0.0.18 Thunderbird...
CVE-2008-5021
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
CVE-2008-5021
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
Design/Logic Flaw
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
Mozilla crash and remote code execution in nsFrameManager
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
Mozilla crash and remote code execution in nsFrameManager
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...