141 matches found
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via MsQuic.dll, allowing a peer to allocate small chunks of memory as long as a connection stays alive. Note: This issue only affects Windows systems. Details Denial of Service DoS describes a family of attacks, al...
SUSE CVE-2023-5727
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...
CVE-2023-5168
A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects...
UBUNTU-CVE-2023-5174
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 7.0.11, 6.0.22 ...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version 7.0.11, 6.0.2...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via the Microsoft.DiaSymReader.Native.amd64.dll file when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version...
CVE-2023-4052
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction a form of symbolic link to allow...
CVE-2023-29532
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...
Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions
Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service is being increasingly abused for malware delivery. Up until now, users were shown a dialog warning them that opening such attachments could har...
SUSE CVE-2016-5294
The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird 45.5, Firefox ESR...
SUSE CVE-2016-5293
When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox E...
SUSE CVE-2019-11694
A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. Note: this issue only...
SUSE CVE-2019-11700
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 67...
SUSE CVE-2019-11736
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...
SUSE CVE-2020-15657
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. Note: This issue only affected Windows operating systems. Other operating systems are unaffected.. This...
SUSE CVE-2022-21295
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...
SUSE CVE-2022-22746
A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.This bug only affects Firefox for Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird...
CVE-2022-22736
If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.This bug only affects Firefox for Windows in a non-default installation...
UBUNTU-CVE-2022-31739
When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.This bug only affects Firefox for Windows. Other operating systems are unaffected.. This...