Security vulnerabilities fixed in Thunderbird 45.5 — Mozilla

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability require...

Debian DSA-3716-1 : firefox-esr - security update

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. Also, a man-in-the-middle attack in the addon update...

Mozilla Firefox Same-Origin Policy Bypass Vulnerability (CNVD-2016-11471)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. Mozilla Firefox suffers from a homology policy bypass vulnerability, which can be exploited by an attacker to bypass the local shortcut file and load arbitrary local content from disk...

Mozilla Firefox has multiple vulnerabilities

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. Mozilla Firefox has multiple vulnerabilities. An attacker can exploit these vulnerabilities to bypass security restrictions, perform unauthorized operations, obtain sensitive information, acces...

[SECURITY] [DSA 3716-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3716-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 16, 2016 https://www.debian.org/security/faq -...

Mozilla: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-89, MFSA 2016-90)

A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

CVE-2016-5291

A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

CVE-2016-5291

A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

Mozilla Firefox Security Advisories (MFSA2016-89, MFSA2016-90) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Debian Security Advisory DSA 3716-1 (firefox-esr - security update)

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. Also, a man-in-the-middle attack in the addon update...

[ASA-201611-16] firefox: multiple issues

Arch Linux Security Advisory ASA-201611-16 ========================================== Severity: Critical Date : 2016-11-16 CVE-ID : CVE-2016-5289 CVE-2016-5290 CVE-2016-5291 CVE-2016-5292 CVE-2016-5296 CVE-2016-5297 CVE-2016-9063 CVE-2016-9064 CVE-2016-9066 CVE-2016-9067 CVE-2016-9068 CVE-2016-90...

DSA-3716-1 firefox-esr - security update

Bulletin has no description...

UBUNTU-CVE-2016-5291

A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

Security vulnerabilities fixed in Firefox ESR 45.5 — Mozilla

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. Thi...

Security vulnerabilities fixed in Firefox 50 — Mozilla

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. When the Mozilla Updater is run, if the Updater's log file in the...

Squid 3.5.x < 3.5.18 Multiple Vulnerabilities

Binary data 9776.prm...

CVE-2016-7199

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...

CVE-2016-7199

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...

Information disclosure

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."...

CVE-2016-7199

CVE-2016-7199 affects Microsoft Internet Explorer (IE) versions 9–11 and Microsoft Edge, where a crafted web site can bypass the Same Origin Policy to disclose sensitive window-state information (information-disclosure vulnerability). Root cause is tied to how IE/Edge handle window/state data acr...