SUSE CVE-2015-0802

Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of ...

The vulnerability of the Firefox browser, which allows a remote attacker to execute arbitrary JavaScript code

The vulnerability of Firefox lies in the use of Window.webidl for controlling access to docshell types, rather than page principal information. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code with Chrome privileges through content navigation, thereby...

Mozilla Firefox Arbitrary Code Execution Vulnerability (CNVD-2015-02149)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 37.0, which originates from a program that controls Window.webidl access based on docshell type information. A remote attack...

UBUNTU-CVE-2015-0802

Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of ...