2 matches found
firefox: multiple issues
CVE-2016-1952 CVE-2016-1953 arbitrary code execution Mozilla developers fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough...
CSP reports fail to strip location information for embedded iframe pages — Mozilla
Security researcher Muneaki Nishimura nishimunea of Recruit Technologies Co.,Ltd. reported that Content Security Policy CSP violation reports contained full path information for cross-origin iframe navigations in violation of the CSP specification. This could result in information disclosure...