CVE-2013-0757

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to...

Mozilla: Chrome Object Wrapper (COW) bypass through plugin objects (MFSA 2013-15)

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging...

Mozilla: Chrome Object Wrapper (COW) bypass through plugin objects (MFSA 2013-15)

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging...

Chrome Object Wrapper (COW) bypass through changing prototype — Mozilla

Security researcher Mariusz Mlynski reported that it is possible to change the prototype of an object and bypass Chrome Object Wrappers COW to gain access to chrome privileged functions. This could allow for arbitrary code execution...

local file access in `Client:send` via manipulation of `$protocol` argument

security fix: hardened the Client::send method against misuse of the $method argument issue 81. Abusing its value, it was possible to force the client to access local files or connect to undesired urls instead of the intended target server's url the one used in the Client constructor. This weakne...

Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Windows)

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvulnnov12win.nasl 6104 2017-05-11 09:03:48Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities - November12 Windows Authors: Arun Kallavi Copyright:...

Mozilla Thunderbird Multiple Vulnerabilities - November12 (Windows)

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvulnnov12win.nasl 6086 2017-05-09 09:03:30Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - November12 Windows Authors: Arun Kallavi Copyright:...

Mozilla Firefox Multiple Vulnerabilities (Nov 2012) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Seamonkey Multiple Vulnerabilities - November12 (Windows)

This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvulnnov12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities - November12 Windows Authors: Arun Kallavi Copyright:...

Mozilla Firefox Multiple Vulnerabilities - November12 (Windows)

This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnnov12win.nasl 5956 2017-04-14 09:02:12Z teissa $ Mozilla Firefox Multiple Vulnerabilities - November12 Windows Authors: Rachana Shetty Copyright: Copyright c...

Mozilla SeaMonkey 2.13.x < 2.13.2 Multiple Vulnerabilities

Binary data 801317.prm...

Thunderbird < 16.0.2 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 16.0.2 and is therefore potentially affected by the following security issues : - The true value of 'window.location' can be shadowed by user content through the use of the 'valueOf' method, which can be combined with some plugins to perform...

Firefox 10.x < 10.0.10 Multiple Vulnerabilities

The installed version of Firefox 10.x is potentially affected by the following security issues : - The true value of 'window.location' can be shadowed by user content through the use of the 'valueOf' method, which can be combined with some plugins to perform cross-site scripting attacks...

Firefox < 16.0.2 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 16.0.2 and is therefore potentially affected by the following security issues : - The true value of 'window.location' can be shadowed by user content through the use of the 'valueOf' method, which can be combined with some plugins to perform...

SeaMonkey < 2.13.2 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.13.2. As such, it is potentially affected by the following security issues : - The true value of 'window.location' can be shadowed by user content through the use of the 'valueOf' method, which can be combined with some plugins to perform...

Firefox < 10.0.8 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 10.0.8 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-3983 - Some methods of a feature use...

Mozilla Thunderbird < 16.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 16.0 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-3983 - '' elements can be abused t...

Firefox 10.0.x < 10.0.8 Multiple Vulnerabilities

The installed version of Firefox 10.0.x is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-3983 - Some methods of a feature used for testing DOMWindowUti...

CentOS Update for thunderbird CESA-2012:1362 centos6

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2012:1362 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

CentOS Update for xulrunner CESA-2012:1361 centos5

Check for the Version of xulrunner OpenVAS Vulnerability Test CentOS Update for xulrunner CESA-2012:1361 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...