4 matches found
Privilege Escalation
firefox is vulnerable to privilege escalation. The vulnerability exists in the way Firefox loaded XML User Interface Language XUL scripts. Firefox and certain add-ons could load malicious content when certain policy checks did not happen...
SuSE 11 Security Update : MozillaFirefox (SAT Patch Number 1001)
The Mozilla Firefox browser was updated to version 3.0.11, fixing various bugs and security issues : - Crashes with evidence of memory corruption rv:1.9.0.11. MFSA 2009-24 / CVE-2009-1392 / CVE-2009-1832 / CVE-2009-1833 - bmo479413 URL spoofing with invalid unicode characters. MFSA 2009-25 /...
Firefox XUL scripts skip some security checks
Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: MFSA 2009-32 JavaScript chrome privilege escalation MFSA 2009-31 XUL scripts bypass content-policy checks MFSA 2009-30 Incorrect principal set for file: resources loaded via location bar MFSA 2009-29 Arbitrary code execution using event listeners attached to an element...