EUVD-2008-4044

Malware in sbrugna...

EUVD-2008-4043

Malware in sbrugna...

SUSE CVE-2008-4059

The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element...

SUSE CVE-2012-0446

Multiple cross-site scripting XSS vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a 1 web page or 2 Firefox extension, related to improper enforcement of XPConnect security...

Firefox Proxy Prototype Privileged Javascript Injection Exploit

Exploit for multiple platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/exploitation/jsobfu' class Metasploit3 'Firefox Proxy Prototype Privileged...

Mozilla Firefox - Proxy Prototype Privileged JavaScript Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/exploitation/jsobfu' class Metasploit3 'Firefox Proxy Prototype Privileged Javascript Injection', 'Description' = %q This exploit gains...

Firefox Proxy Prototype Privileged Javascript Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/exploitation/jsobfu' class Metasploit3 'Firefox Proxy Prototype Privileged Javascript Injection', 'Description' = %q This exploit gains...

Firefox Proxy Prototype Privileged Javascript Injection

This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect component and gaining a reference to the privileged chrome:// window. This exploit requires the user to click anywhere on the page to trigger the vulnerability. This module requires Metasploit:...

Mozilla Products Multiple Vulnerabilities - May12 (Windows)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnmay12win.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Multiple Vulnerabilities - May12 Windows Authors: Rachana Shetty...

Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1430-1)

Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cau...

use-after-free in IDBKeyRange — Mozilla

Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. When it is destroyed, this causes a use-after-free, which is potentially exploitable...

USN-1369-1: Thunderbird vulnerabilities

Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Thunderbird can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, o...

Mozilla Firefox < 10.0 Multiple Vulnerabilities

Binary data 6306.prm...

Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 (MAC OS X 01)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnmacosx01feb12.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 MAC OS X 01 Authors:...

Mozilla Foundation Security Advisory 2012-05

Mozilla Foundation Security Advisory 2012-05 Title: Frame scripts calling into untrusted objects bypass security checks Impact: Critical Announced: January 31, 2012 Reporter: mozbugra4 Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 10.0 Thunderbird 10.0 SeaMonkey 2.7 Description...

CVE-2012-0446

Multiple cross-site scripting XSS vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a 1 web page or 2 Firefox extension, related to improper enforcement of XPConnect security...

CVE-2012-0446

Multiple cross-site scripting XSS vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a 1 web page or 2 Firefox extension, related to improper enforcement of XPConnect security...

SeaMonkey < 2.7.0 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.7.0. Such versions are potentially affected by the following security issues : - A use-after-free error exists related to removed nsDOMAttribute child nodes.CVE-2011-3659 - Various memory safety issues exist. CVE-2012-0442, CVE-2012-0443 - Memo...

Firefox < 10.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox 9.x is potentially affected by the following security issues : - A use-after-free error exists related to removed nsDOMAttribute child nodes.CVE-2011-3659 - Various memory safety issues exist. CVE-2012-0442, CVE-2012-0443 - Memory corruption errors exist related t...

Mozilla Thunderbird < 10.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 10.0 and thus, is potentially affected by the following security issues : - A use-after-free error exists related to removed nsDOMAttribute child nodes.CVE-2011-3659 - Various memory safety issues exist. CVE-2012-0442, CVE-2012-0443 - Memory...