CVE-2012-4184

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote...

CVE-2012-3993

CVE-2012-3993 affects Mozilla Firefox (pre-16.0), Firefox ESR (pre-10.0.8), Thunderbird (pre-16.0), Thunderbird ESR (pre-10.0.8), and SeaMonkey (pre-2.13). The Chrome Object Wrapper (COW) implementation can mishandle InstallTrigger failures, enabling remote JavaScript execution with chrome privil...

CVE-2012-4184

CVE-2012-4184 affects Mozilla's COW in Firefox (and related Mozilla products) prior to version 16.0 (Firefox), ESR 10.x prior to 10.0.8, Thunderbird prior to 16.0, Thunderbird ESR 10.x prior to 10.0.8, and SeaMonkey prior to 2.13. The issue allows a crafted web site to bypass restrictions and acc...

Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83)

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote...

Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83)

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to...

Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83)

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote...

Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83)

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to...

CVE-2012-3993

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to...

Chrome Object Wrapper (COW) does not disallow access to privileged functions or properties — Mozilla

Security researcher Mariusz Mlynski reported that when InstallTrigger fails, it throws an error wrapped in a Chrome Object Wrapper COW that fails to specify exposed properties. These can then be added to the resulting object by an attacker, allowing access to chrome privileged functions through...

Google Chrome v8 script object wrapper vulnerability

Google Chrome is an open source WEB browser. A security vulnerability exists in the v8 script object wrapper in Google Chrome, which can be exploited by remote attackers to cause a denial of service and other remote attacks...