Mozilla Firefox < 2.0.0.19

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 2.0.0.19. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2008-68 advisory. - Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,...

Astra Linux - уязвимость в firefox

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

SUSE CVE-2009-1308

Cross-site scripting XSS vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing...

SUSE CVE-2013-0752

Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted XBL file with multiple bindings that...

Mozilla Firefox Security Advisory (MFSA2014-84) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

openSUSE Security Update : seamonkey (openSUSE-SU-2014:1655-1)

seamonkey was updated to version 2.31 to fix 20 security issues. These security issues were fixed : - Miscellaneous memory safety hazards CVE-2014-1587, CVE-2014-1588. - XBL bindings accessible via improper CSS declarations CVE-2014-1589. - XMLHttpRequest crashes with some input streams...

openSUSE Security Update : seamonkey (openSUSE-SU-2014:1656-1)

seamonkey was updated to version 2.31 to fix eight security issues. These security issues were fixed : - Miscellaneous memory safety hazards CVE-2014-1587, CVE-2014-1588. - XBL bindings accessible via improper CSS declarations CVE-2014-1589. - XMLHttpRequest crashes with some input streams...

MGASA-2014-0518 Updated iceape package fixes security vulnerabilities

When the oxygen-gtk was active and iceape tried to draw a menu for example after a mouse down event on the menu bar, a segmentation fault was triggered causing iceape to crash. The oxygen-gtk theme engine contains a solution for this problem, this is now enabled for iceape. MGA 12978 Mozilla...

FreeBSD : mozilla -- multiple vulnerabilities (7ae61870-9dd2-4884-a2f2-f19bb5784d09)

The Mozilla Project reports : ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data MFSA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory MFSA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer...

XBL bindings accessible via improper CSS declarations — Mozilla

Security researcher Cody Crews reported a method to trigger chrome level XML Binding Language XBL bindings through web content. This was possible because some chrome accessible CSS stylesheets had their primary namespace improperly declared. When this occurred, it was possible to use these...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data MFSA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory MFSA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer...

Ubuntu 6.06 LTS : firefox vulnerabilities (USN-690-3)

Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Firefox could be bypassed by utilizing XBL-bindings. An...

Ubuntu Update for firefox USN-1360-1

Ubuntu Update for Linux kernel vulnerabilities USN-1360-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13601.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for firefox USN-1360-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1360-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Firefox 10.x < 10.0.1 Memory Corruption

The installed version of Firefox 10.x is earlier than 10.0.1 and is, therefore, potentially affected by a memory corruption vulnerability. A use-after-free error exists in the method 'nsXBLDocumentInfo::ReadPrototypeBindings' and XBL bindings are not properly removed from a hash table in the even...