Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Mozilla: Missing fullscreen and pointer lock notification when requesting both

The Mozilla Foundation Security Advisory describes this flaw as: By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks...

RLSA-2021:5013 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.4.0 ESR. Security Fixes: Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while...

CVE-2021-43538

The Mozilla Foundation Security Advisory describes this flaw as: By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks...

UBUNTU-CVE-2021-43538

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 9...

Mozilla Firefox 竞争条件问题漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a conditional competition issue, which could be exploited by an attacker to force a notification to receive full-screen and pointer-locked access to the page...

CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

The vulnerability of Firefox’s requestPointerLock() and setTimeout() methods allows a intruder to gain unauthorized access to protected information.

The vulnerabilities of the requestPointerLock and setTimeout methods in Firefox browsers stem from synchronization errors when using shared resources. Exploiting these vulnerabilities can allow an attacker to gain unauthorized access to protected information...

SUSE: Security Advisory (SUSE-SU-2020:1135-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

Design/Logic Flaw

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

Security Vulnerabilities fixed in Firefox 85 — Mozilla

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a...

UBUNTU-CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

CVE-2021-23955

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox 85...

Phishing Attack

firefox is vulnerable to phishing attack. The vulnerability exists as there are no user notification shown when the pointer lock is enabled by a website though requestPointerLock...

openSUSE Security Update : webkit2gtk3 (openSUSE-2020-602)

This update for webkit2gtk3 to version 2.28.1 fixes the following issues : Security issues fixed : - CVE-2020-10018: Fixed a denial of service because the mdeferredFocusedNodeChange data structure was mishandled bsc1165528. - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a...

openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2020:0602-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...