6926 matches found
Mozilla Firefox Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox Multiple Vulnerabilities-01 (Apr 2015) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Apr 2015) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Thunderbird Multiple Vulnerabilities-01 (Apr 2015) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Mozilla Thunderbird Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
thunderbird: multiple issues
CVE-2015-0801 same-origin bypass: Mozilla developer Olli Pettay reported that while investigating Mozilla Foundation Security Advisory 2015-28, he and Mozilla developer Boris Zbarsky found an alternate way to trigger a similar vulnerability. The previously reported flaw used an issue with SVG...
(Pwn2Own) Mozilla Firefox resource: URL Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
(Pwn2Own) Mozilla Firefox SVG DOMAttrModified Same-Origin Policy Bypass Vulnerability
This vulnerability allows remote attackers to bypass the same-origin policy on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
USN-2552-1: Thunderbird vulnerabilities
Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to bypass same-origin policy restrictions. CVE-2015-0801 Christoph...
USN-2552-1 thunderbird vulnerabilities
Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to bypass same-origin policy restrictions. CVE-2015-0801 Christoph...
SUSE-SU-2015:0704-2 Security update for MozillaFirefox
Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues. The following vulnerabilities were fixed: Miscellaneous memory safety hazards MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 Use-after-free when using the Fluendo MP3 GStreamer plugin MFSA 2015-31/CVE-2015-0813 resource:// documents...
SUSE-SU-2015:0704-1 Security update for MozillaFirefox
Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues. The following vulnerabilities were fixed: Miscellaneous memory safety hazards MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 Use-after-free when using the Fluendo MP3 GStreamer plugin MFSA 2015-31/CVE-2015-0813 resource:// documents...
SUSE-SU-2015:0706-1 Security update for Mozilla Firefox
Mozilla Firefox was updated to 31.6.0 ESR to fix five security issues. The following vulnerabilities have been fixed: Miscellaneous memory safety hazards MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 Use-after-free when using the Fluendo MP3 GStreamer plugin MFSA 2015-31/CVE-2015-0813 resource://...
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2550-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2550-1 advisory. Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially craft...
Mozilla Firefox/Thunderbird Same Origin Policy Bypass Arbitrary Code Execution Vulnerability
Mozilla Firefox/SeaMonkey is a WEB browser/newsgroup client released by Mozilla. The Mozilla Firefox/SeaMonkey incorrectly restricts resource: URL vulnerability, which allows remote attackers to bypass the same-origin policy and execute arbitrary JavaScript code with chrome privileges via a...
USN-2550-1 firefox vulnerabilities
Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin policy restrictions. CVE-2015-0801 Bobby Holley discovered that...
USN-2550-1: Firefox vulnerabilities
Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin policy restrictions. CVE-2015-0801 Bobby Holley discovered that...
Mozilla: Same-origin bypass through anchor navigation (MFSA 2015-40)
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818...
CVE-2015-0816
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as...