FreeBSD : mozilla -- multiple vulnerabilities (7dfed67b-20aa-11e3-b8d8-0025905a4771)

The Mozilla Project reports : MFSA 2013-76 Miscellaneous memory safety hazards rv:24.0 / rv:17.0.9 MFSA 2013-77 Improper state in HTML5 Tree Builder with templates MFSA 2013-78 Integer overflow in ANGLE library MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning MFSA 2013-8...

Firefox for Android - Same-origin bypass through symbolic links

CVE Number: CVE-2013-1727 Vender Identifier: MFSA 2013-84 Title: Firefox for Android - Same-origin bypass through symbolic links Affected Software: Prior to v24 confirmed on v14 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v24 was released which fixes this...

Firefox For Android Same-Origin Bypass

CVE Number: CVE-2013-1727 Vender Identifier: MFSA 2013-84 Title: Firefox for Android - Same-origin bypass through symbolic links Affected Software: Prior to v24 confirmed on v14 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v24 was released which fixes this...

CVE-2013-5159

WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAME element...

Design/Logic Flaw

WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAME element...

CVE-2013-5159

The CVE-2013-5159 entry concerns WebKit in Apple iOS prior to 7, where a vulnerability allowed a remote attacker to bypass the Same Origin Policy via an iframe and infer use of the window.webkitRequestAnimationFrame API, potentially exposing information about page behavior. Affected component: We...

CVE-2013-5159

WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAME element...

CVE-2013-1727

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting XSS attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file...

Cross site scripting

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting XSS attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file...

CVE-2013-1727

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting XSS attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file...

CVE-2013-1727

CVE-2013-1727 affects Mozilla Firefox on Android prior to 24.0, where a symlink/URL trick can bypass the Same-Origin Policy for local files (file: URLs). This enables potential cross‑site scripting (XSS) and access to sensitive data such as cookies or passwords if a local file is involved. The is...

Mozilla Firefox 9.0.1 - Same Origin Policy Security Bypass

Mozilla Firefox 9.0.1 - Same Origin Policy Security Bypass source: https://www.securityfocus.com/bid/62480/info Mozilla Firefox is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass the same-origin policy and certain access restrictions to access data, or execute...

Same-origin bypass through symbolic links — Mozilla

Security researcher Takeshi Terada reported a mechanism to violate same-origin policy for local files using file:// through the use of symbolic links. This problem only affects web pages loaded from the local filesystem. This could allow for cross-site scripting XSS and access to locally stored...

Mozilla Firefox 9.0.1 - Same Origin Policy Security Bypass

source: https://www.securityfocus.com/bid/62480/info Mozilla Firefox is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass the same-origin policy and certain access restrictions to access data, or execute arbitrary script code in the browser of an unsuspecting us...

Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling CVE-2013-2881. Cloudfuzzer discovered a type confusion issue in the V8 javascript library CVE-2013-2882. Cloudfuzzer discovered a...

MGASA-2013-0249 Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling CVE-2013-2881. Cloudfuzzer discovered a type confusion issue in the V8 javascript library CVE-2013-2882. Cloudfuzzer discovered a...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2013-76 Miscellaneous memory safety hazards rv:24.0 / rv:17.0.9 MFSA 2013-77 Improper state in HTML5 Tree Builder with templates MFSA 2013-78 Integer overflow in ANGLE library MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning MFSA 2013-80...

Mozilla updates August 2013 (important)

This patch contains updates for - Firefox to 23.0 - xulrunner to 17.0.8esr - Thunderbird to 17.0.8 - mozilla-nspr to 4.10 - mozilla-nss to 3.15,1 MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards MFSA 2013-64/CVE-2013-1704 bmo883313 Use after free mutating DOM during...

SuSE 11.2 / 11.3 Security Update : Mozilla Firefox (SAT Patch Numbers 8187 / 8191)

This update to Firefox 17.0.8esr bnc833389 addresses : - bmo855331, bmo844088, bmo858060, bmo870200, bmo874974, bmo861530, bmo854157, bmo893684, bmo878703, bmo862185, bmo879139, bmo888107, bmo880734. MFSA 2013-63 / CVE-2013-1701 / CVE-2013-1702 Miscellaneous memory safety hazards have been fixed...

SuSE 11.2 / 11.3 Security Update : Mozilla Firefox (SAT Patch Numbers 8187 / 8191)

This update to Firefox 17.0.8esr bnc833389 addresses : - bmo855331, bmo844088, bmo858060, bmo870200, bmo874974, bmo861530, bmo854157, bmo893684, bmo878703, bmo862185, bmo879139, bmo888107, bmo880734. MFSA 2013-63 / CVE-2013-1701 / CVE-2013-1702 Miscellaneous memory safety hazards have been fixed...