29 matches found
MiracleLinux 3 : firefox-24.5.0-1.0.2.AXS3 (AXSA:2014-356:03)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-356:03 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
SUSE SLES15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:0469-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0469-1 advisory. Updated to version 102.8.0 ESR bsc1208144: - CVE-2023-25728: Fixed content security policy leak in violation reports using iframes....
SUSE CVE-2014-1529
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...
truhoo.win Cross Site Scripting vulnerability OBB-2486106
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Mozilla Firefox Security Advisory (MFSA2014-42) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
The vulnerability of the SeaMonkey software package allows a malicious attacker to execute arbitrary code or cause a service failure.
The SeaMonkey software contains a vulnerability in the qcmsprofilefrommemory function. Exploiting this vulnerability allows an unauthorized attacker to execute arbitrary code or cause a service failure by manipulating the web notification API component, thereby creating a special ICC profile...
The vulnerability of the Firefox browser, which allows a malicious attacker to execute arbitrary code.
Mozilla Firefox’s software contains a vulnerability in the nsJSThunk::EvaluateScript function. Exploiting this vulnerability allows an attacker to execute arbitrary code by manipulating the web notification API component...
The vulnerability of the Firefox ESR browser allows a malicious attacker to execute arbitrary code or trigger a service denial.
Mozilla Firefox ESR software contains a vulnerability in the qcmsprofilefrommemory function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by manipulating the web notification API component, thereby creating a custom ICC profile...
The vulnerability of the Firefox ESR browser allows a malicious attacker to execute arbitrary code.
Mozilla Firefox ESR software contains a vulnerability in the nsJSThunk::EvaluateScript function. Exploiting this vulnerability allows an attacker to execute arbitrary code by manipulating the web notification API component...
The vulnerability of the SeaMonkey software package, which allows a malicious attacker to execute arbitrary code.
The SeaMonkey software contains a vulnerability in the nsJSThunk::EvaluateScript function. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by manipulating the web notification API component...
The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary code.
Mozilla Thunderbird’s software contains a vulnerability in the nsJSThunk::EvaluateScript function. Exploiting this vulnerability allows an attacker to execute arbitrary code by manipulating the web notification API component...
The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack.
Mozilla Thunderbird’s software contains a vulnerability in the qcmsprofilefrommemory function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by manipulating the web notification API component, thereby creating a special ICC profile...
SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2014:0665-1)
This Mozilla Firefox and Mozilla NSS update fixes several security and non-security issues. Mozilla Firefox has been updated to 24.5.0esr which fixes the following issues : - MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards - MFSA 2014-37/CVE-2014-1523 Out of bounds read while...
Mozilla Firefox Multiple Vulnerabilities-01 (May 2014) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
SeaMonkey Multiple Vulnerabilities-01 (May 2014) - Mac OS X
SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey"; ifdescription...
SeaMonkey < 2.26 Multiple Vulnerabilities
Binary data 8214.prm...
CVE-2014-1529
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...
CVE-2014-1529
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...
Design/Logic Flaw
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...
CVE-2014-1529
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...