9 matches found
CVE-2021-39658
ismsEx service is a vendor service in unisoc equipment。ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks。Third-party apps can use this service to arbitrarily modify and set system properties。Product:...
Important: thunderbird
Issue Overview: A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132. CVE-2024-10458 An attacker could have caused a...
Updated thunderbird packages fix security vulnerabilities
Permission leak via embed or object elements. CVE-2024-10458 Use-after-free in layout with accessibility. CVE-2024-10459 Confusing display of origin for external protocol handler prompt. CVE-2024-10460 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...
RLSA-2024:8729 Moderate: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: XSS due to...
RockyLinux 8 : thunderbird (RLSA-2024:8790)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8790 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: X...
RHEL 9 : firefox (RHSA-2024:8726)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8726 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
Design/Logic Flaw
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service?but it does not check the permissions of the caller?resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product:...
ASB-A-207479207
ismsEx service is a vendor service in unisoc equipment。ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks。Third-party apps can use this service to arbitrarily modify and set system properties。...