11 matches found
Astra Linux - уязвимость в firefox, thunderbird
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt. This results in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
Linux Distros Unpatched Vulnerability : CVE-2022-45408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in...
Spoofing
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
CVE-2022-45408
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
Mozilla: Fullscreen notification bypass via windowName
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass via windowName
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass via windowName
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
Mozilla: Fullscreen notification bypass via windowName
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...
AlmaLinux 8 : thunderbird (ALSA-2022:8547)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:8547 advisory. - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with...
Mageia: Security Advisory (MGASA-2022-0427)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advantech WebAccess webvrpcs Service BwOpcSvc.dll WindowName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x1389F IOCTL in the BwOpcTool subsystem. A stack-based buff...