7 matches found
SUSE CVE-2013-1730
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of...
Mozilla Firefox Security Advisory (MFSA2013-88) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Design/Logic Flaw
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2013-1730
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2013-1730
CVE-2013-1730 affects Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0/ESR 17.x before 17.0.9, and SeaMonkey before 2.21. A crafted web site can move XBL-backed nodes across documents, enabling remote code execution or a denial of service (JavaScript compartmen...
Mozilla Thunderbird < 24.0
Binary data 8011.prm...
Compartment mismatch re-attaching XBL-backed nodes — Mozilla
Security researcher Sachin Shinde reported that moving certain XBL-backed nodes from a document into the replacement document created by document.open can cause a JavaScript compartment mismatch which can often lead to exploitable conditions...