7 matches found
Security vulnerabilities fixed in Firefox 62 — Mozilla
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. A use-after-free vulnerability can occur when an IndexedDB index is deleted while...
CVE-2017-7770
A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this...
CVE-2017-5452
Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability...
CVE-2017-5452
Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability...
CVE-2017-5452
CVE-2017-5452 affects Firefox for Android prior to version 53. The issue allows a spoofed address bar on a page when the new page’s location bar is scrolled out of view if an HTML editable element is user-selected. Remediation per the advisory is upgrading to Firefox 53 or newer (the fixed versio...
CVE-2017-7770
A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this...
CVE-2017-5452
Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability...