7 matches found
EUVD-2026-31727
Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...
EUVD-2015-0840
Malware in sbrugna...
Mozilla Firefox < 36.0 Multiple Vulnerabilities
Binary data 8653.prm...
Heap overflow
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic...
CVE-2015-0827
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic...
thunderbird: multiple issues
CVE-2015-0822 information leak: Security researcher Armin Razmdjou reported that a user readable file in a known local path could be uploaded to a malicious site. This was done by manipulating the autocomplete feature in a form and user interaction with it. While the local file is not visibly...
Firefox ESR 31.x < 31.5 Multiple Vulnerabilities (Mac OS X)
The version of Firefox ESR 31.x installed on the remote Mac OS X host is prior to 31.5. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists related to the autocomplete feature that allows an attacker to read arbitrary files. CVE-2015-0822...