14 matches found
EUVD-2018-4372
Malware in sbrugna...
EUVD-2018-4375
Malware in sbrugna...
Denial Of Service (DoS)
firefox is vulnerable to denial of service DoS. The vulnerability exists through special resource URIs loaded with optional parameters following a ? in the parsed string...
CVE-2018-12398
By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy CSP. This vulnerability affects Firefox 63...
CVE-2018-12401
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...
Spoofing
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...
CVE-2018-12398
By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy CSP. This vulnerability affects Firefox 63...
CVE-2018-12401
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...
CVE-2018-12401
CVE-2018-12401 affects Mozilla Firefox prior to 63.0. The vulnerability is triggered by loading certain special resource URIs with optional parameters after a ‘?’, causing a non-exploitable crash and potential denial of service. No exploitation details are provided in the documents beyond this cr...
CVE-2018-12398
CVE-2018-12398 affects Firefox versions earlier than 63.0 and allows CSP bypass via stylesheet injection using a reflected URL in certain resource URIs (e.g., chrome:). Affected products are Firefox
CVE-2018-12398
By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy CSP. This vulnerability affects Firefox 63...
CVE-2018-12401
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...
UBUNTU-CVE-2018-12401
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...
Firefox PDF.js Privileged Javascript Injection Exploit
This Metasploit module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click anywhere on the page to trigger the vulnerability. This module requires Metasploit:...