2 matches found
firefox: thunderbird: WebChannel APIs susceptible to confused deputy attack
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to...
Coinlancer has a flawed logic vulnerability
Coinlancer CL is an ethereum-based digital currency.A security vulnerability exists in the onlyOwner modifier of CL's smart contract implementation, which stems from the program not correctly comparing msg.sender and owner.An attacker could exploit this vulnerability to execute arbitrary code...