73 matches found
CVE-2018-5119
The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox 58...
FreeBSD : mozilla -- multiple vulnerabilities (a891c5b4-3d7a-4de9-9c71-eef3fd698c77)
Mozilla Foundation reports : CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5092: Use-after-free in Web Workers CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory...
Mozilla Firefox Security Advisories (MFSA2018-02, MFSA2018-03) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2018-5119
The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox 58...
UBUNTU-CVE-2018-5119
The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox 58...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5092: Use-after-free in Web Workers CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory...
The vulnerability of the Firefox browser allows a hacker to circumvent existing access restrictions and execute cross-site scripting attacks.
The vulnerability of the Firefox browser’s Reader View function exists due to an improperly formed white list of addresses. Exploiting this vulnerability can allow a malicious actor to bypass existing access restrictions and perform cross-site scripting attacks...
Mozilla Firefox Reader View Feature Cross-Site Scripting Vulnerability
Mozilla Firefox is an open source web browser. A security vulnerability exists in the Mozilla Firefox Reader View feature that allows remote attackers to bypass the Content Security Policy CSP protection mechanism and conduct cross-site scripting attacks...
CVE-2015-4518
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy CSP protection mechanism and conduct cross-site scripting XSS attacks via vectors involving SVG animations and the about:reader...
Cross site scripting
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy CSP protection mechanism and conduct cross-site scripting XSS attacks via vectors involving SVG animations and the about:reader...
CVE-2015-4518
Mozilla Firefox CVE-2015-4518 describes an improper Reader View whitelist that can bypass CSP protections, enabling cross-site scripting via SVG-related vectors and the about:reader URL in Firefox versions before 42.0. Affected product: Firefox Reader View. Root cause: overly permissive allowlist...
CVE-2015-4518
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy CSP protection mechanism and conduct cross-site scripting XSS attacks via vectors involving SVG animations and the about:reader...
UBUNTU-CVE-2015-4518
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy CSP protection mechanism and conduct cross-site scripting XSS attacks via vectors involving SVG animations and the about:reader...