Lucene search
K
MozillaMost viewed

1574 matches found

Mozilla
Mozilla
added 2012/08/28 12:0 a.m.46 views

Installer will launch incorrect executable following new installation — Mozilla

Security researcher Masato Kinugawa reported that if a crafted executable is placed in the root partition on a Windows file system, the Firefox and Thunderbird installer will launch this program after a standard installation instead of Firefox or Thunderbird, running this program with the user's...

6.9CVSS3.8AI score0.00296EPSS
Exploits1References2Affected Software5
Mozilla
Mozilla
added 2012/08/28 12:0 a.m.46 views

Insecure use of __android_log_print — Mozilla

Mozilla developer Blake Kaplan reported that androidlogprint is called insecurely in places. If a malicious web page used a dump statement with a specially crafted string, it can trigger a potentially exploitable crash...

6.8CVSS6.1AI score0.01884EPSS
Exploits1References2Affected Software1
Mozilla
Mozilla
added 2012/08/28 12:0 a.m.46 views

DOMParser loads linked resources in extensions when parsing text/html — Mozilla

Security researcher vsemozhetbyt reported that when the DOMParser is used to parse text/html data in a Firefox extension, linked resources within this HTML data will be loaded. If the data being parsed in the extension is untrusted, it could lead to information leakage and can potentially be...

4.3CVSS8.9AI score0.01869EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2012/04/24 12:0 a.m.46 views

Ambiguous IPv6 in Origin headers may bypass webserver access restrictions — Mozilla

Security researcher Simone Fabiano reported that if a cross-site XHR or WebSocket is opened on a web server on a non-standard port for web traffic while using an IPv6 address, the browser will send an ambiguous origin headers if the IPv6 address contains at least 2 consecutive 16-bit fields of...

2.6CVSS9.1AI score0.01858EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2012/04/24 12:0 a.m.46 views

HTTP Redirections and remote content can be read by javascript errors — Mozilla

Security researcher Daniel Divricean reported that a defect in the error handling of javascript errors can leak the file names and location of javascript files on a server, leading to inadvertent information disclosure and a vector for further attacks...

5CVSS8.7AI score0.01663EPSS
Exploits1References2Affected Software3
Mozilla
Mozilla
added 2011/11/08 12:0 a.m.46 views

Miscellaneous memory safety hazards (rv:8.0) — Mozilla

Mozilla developers fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run...

10CVSS9.9AI score0.05657EPSS
Exploits0References6Affected Software3
Mozilla
Mozilla
added 2011/09/27 12:0 a.m.46 views

Potentially exploitable crash in the YARR regular expression library — Mozilla

Security researcher Aki Helin reported a potentially exploitable crash in the YARR regular expression library used by JavaScript...

9.3CVSS9.2AI score0.05007EPSS
Exploits1References3Affected Software3
Mozilla
Mozilla
added 2011/08/16 12:0 a.m.46 views

Security issues addressed in Thunderbird 6 — Mozilla

Many of the issues listed below are not exploitable through mail since JavaScript is disabled by default in Thunderbird. These particular issues may be triggered while viewing RSS feeds and displaying full remote content rather than the feed summary. Addons that expose browser functionality may...

10CVSS8.9AI score0.0544EPSS
Exploits1References16Affected Software1
Mozilla
Mozilla
added 2010/12/09 12:0 a.m.46 views

Incomplete fix for CVE-2010-0179 — Mozilla

Mozilla security researcher mozbugra4 reported that the fix for CVE-2010-0179 could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges...

5.1CVSS2.2AI score0.03275EPSS
Exploits0References3Affected Software2
Mozilla
Mozilla
added 2010/12/09 12:0 a.m.46 views

Add support for OTS font sanitizer — Mozilla

Mozilla added the OTS font sanitizing library to prevent downloadable fonts from exposing vulnerabilities in the underlying OS font code. This library mitigates against several issues independently reported by Red Hat Security Response Team member Marc Schoenefeld and Mozilla security researcher...

9.3CVSS0.5AI score0.04812EPSS
Exploits0References3Affected Software3
Mozilla
Mozilla
added 2010/09/07 12:0 a.m.46 views

Copy-and-paste or drag-and-drop into designMode document allows XSS — Mozilla

Security researcher Paul Stone reported that when an HTML selection containing JavaScript is copy-and-pasted or dropped onto a document with designMode enabled the JavaScript will be executed within the context of the site where the code was dropped. A malicious site could leverage this issue in ...

4.3CVSS0.6AI score0.0207EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2010/07/20 12:0 a.m.46 views

nsTreeSelection dangling pointer remote code execution vulnerability — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an integer overflow vulnerability in the implementation of the XUL element's selection attribute. When the size of a new selection is sufficiently large the integer used in calculating the length of the selection can...

9.3CVSS3.5AI score0.06672EPSS
Exploits1References2Affected Software3
Mozilla
Mozilla
added 2010/03/30 12:0 a.m.46 views

Arbitrary code execution with Firebug XMLHttpRequestSpy — Mozilla

Mozilla security researcher mozbugra4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web conten...

5.1CVSS1AI score0.03275EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2010/03/23 12:0 a.m.46 views

Deleted frame reuse in multipart/x-mixed-replace image — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative a potential reuse of a deleted image frame in Firefox 3.6's handling of multipart/x-mixed-replace images. Although no exploit was shown, re-use of freed memory has led to exploitable vulnerabilities in the past...

9.3CVSS9.4AI score0.05724EPSS
Exploits2References2Affected Software1
Mozilla
Mozilla
added 2009/08/01 12:0 a.m.46 views

Compromise of SSL-protected communication — Mozilla

IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities CA which issue server certificates. In particular, if a malicious person requested a certificate for a host name with an invalid...

6.8CVSS1.6AI score0.05741EPSS
Exploits4References3Affected Software4
Mozilla
Mozilla
added 2009/04/21 12:0 a.m.46 views

Same-origin violations when Adobe Flash loaded via view-source: scheme — Mozilla

Security researcher Gregory Fleischer reported that when an Adobe Flash file is loaded via the view-source: scheme, the Flash plugin misinterprets the origin of the content as localhost, leading to two specific vulnerabilities:...

6.8CVSS2.4AI score0.02183EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2008/07/01 12:0 a.m.46 views

Crash and remote code execution in block reflow — Mozilla

Security research firm Astabis reported a vulnerability in Firefox 2 submitted through the iSIGHT Partners GVP Program by Greg McManus, Primary GVP Researcher. The reported crash in Mozilla's block reflow code could be used by an attacker to crash the browser and run arbitrary code on the victim'...

10CVSS3.8AI score0.07081EPSS
Exploits1References3Affected Software3
Mozilla
Mozilla
added 2007/05/30 12:0 a.m.46 views

Security Vulnerability in APOP Authentication — Mozilla

Gaëtan Leurent informed us of a weakness in APOP authentication that could allow an attacker to recover the first part of your mail password if the attacker could interpose a malicious mail server on your network masquerading as your legitimate mail server. With normal settings it could take...

2.6CVSS2.1AI score0.02423EPSS
Exploits1References4Affected Software2
Mozilla
Mozilla
added 2025/03/04 12:0 a.m.45 views

Security Vulnerabilities fixed in Firefox 136 — Mozilla

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could...

8.8CVSS7.3AI score0.00497EPSS
Exploits0References15Affected Software1
Mozilla
Mozilla
added 2024/08/06 12:0 a.m.45 views

Security Vulnerabilities fixed in Firefox 129 — Mozilla

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape....

9.8CVSS7.9AI score0.00602EPSS
Exploits0References15Affected Software1
Mozilla
Mozilla
added 2021/08/10 12:0 a.m.45 views

Security Vulnerabilities fixed in Firefox ESR 78.13 — Mozilla

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. Firefox incorrectly treated an inline list-item element as a block element, resulting i...

8.8CVSS1.5AI score0.01451EPSS
Exploits5References6Affected Software1
Mozilla
Mozilla
added 2020/12/01 12:0 a.m.45 views

Security Vulnerabilities fixed in Thunderbird 78.5.1 — Mozilla

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable...

9.3CVSS1.9AI score0.01222EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2020/06/30 12:0 a.m.45 views

Security Vulnerabilities fixed in Firefox ESR 68.10 — Mozilla

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash.Note: this issue only affects Firefox on ARM64 platforms. Manipulating individual parts of a URL object could have caused an...

9.3CVSS1AI score0.03034EPSS
Exploits2References5Affected Software1
Mozilla
Mozilla
added 2020/03/10 12:0 a.m.45 views

Security Vulnerabilities fixed in Thunderbird 68.6 — Mozilla

When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during scrip...

9.8CVSS0.2AI score0.03191EPSS
Exploits2References7Affected Software1
Mozilla
Mozilla
added 2019/02/12 12:0 a.m.45 views

Security vulnerabilities fixed in Firefox ESR 60.5.1 — Mozilla

A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash. An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash. A buffer overflow...

8.8CVSS3.8AI score0.03724EPSS
Exploits0References4Affected Software1
Mozilla
Mozilla
added 2016/11/15 12:0 a.m.45 views

Security vulnerabilities fixed in Firefox ESR 45.5 — Mozilla

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. Thi...

9.8CVSS9AI score0.12416EPSS
Exploits5References9Affected Software1
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.45 views

Location bar spoofing via data URLs with malformed/invalid mediatypes — Mozilla

Security researcher Firas Salem reported that decoding url-encoded values in data: urls for display leads to potential spoofing in the Location bar by using non-ASCII and emoji characters in a data: url's mediatype. This issue could result in the wrong URL being displayed as a location, which can...

4.3CVSS6.7AI score0.01473EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.45 views

Integer overflow in WebSockets during data buffering — Mozilla

Security researcher Samuel Groß reported an integer overflow error in WebSockets during data buffering on incoming packets when an allocated buffer is resized incorrectly. This results in the buffer array holding the data being shrunk, instead of grown, resulting in attacker controlled data being...

8.8CVSS2.5AI score0.04178EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.45 views

Use-after-free in service workers with nested sync events — Mozilla

Security researcher Looben Yang discovered a use-after-free vulnerability when working with nested sync event loops in Service Workers. He discovered a mechanism where scripts can close their own worker, which will then trigger a synchronization XMLHttpRequest on this now closed and released...

8.8CVSS2.3AI score0.03259EPSS
Exploits1References2Affected Software2
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.45 views

Crash in incremental garbage collection in JavaScript — Mozilla

Security researcher Jukka Jylänki reported a use-after-free in JavaScript caused by how objects and pointers are handled during incremental garbage collection in some circumstances working with object groups. When triggered, this causes a potential exploitable crash but is mitigated by the...

8.8CVSS9AI score0.02403EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2016/06/07 12:0 a.m.45 views

Buffer overflow parsing HTML5 fragments — Mozilla

Security researcher firehack reported a buffer overflow when parsing HTML5 fragments in a foreign context such as under an node. This results in a potentially exploitable crash when inserting an HTML fragment into an existing document...

8.8CVSS3.5AI score0.23957EPSS
Exploits7References2Affected Software2
Mozilla
Mozilla
added 2016/06/07 12:0 a.m.45 views

Miscellaneous memory safety hazards (rv:47.0 / rv:45.2) — Mozilla

Mozilla developers and community members reported several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these...

8.8CVSS2.4AI score0.03873EPSS
Exploits0References4Affected Software3
Mozilla
Mozilla
added 2016/04/26 12:0 a.m.45 views

Buffer overflow in libstagefright with CENC offsets — Mozilla

Using Address Sanitizer, security researcher Sascha Just reported a buffer overflow in the libstagefright library due to issues with the handling of CENC offsets and the sizes table. This results in a potentially exploitable crash triggerable through web content...

8.8CVSS1.4AI score0.0378EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2016/01/26 12:0 a.m.45 views

Firefox allows for control characters to be set in cookie names — Mozilla

Security researcher musicDespiteEverything previously reported an issue where illegal control characters were stored in as cookie values in violation of RFC6265. While fixing this issue, Mozilla developer Nicholas Hurley realized that the same issue applied to the names of cookies. These characte...

7.3AI score
Exploits0References5Affected Software1
Mozilla
Mozilla
added 2015/11/03 12:0 a.m.45 views

Trailing whitespace in IP address hostnames can bypass same-origin policy — Mozilla

Security researcher Michał Bentkowski reported that adding white-space characters to hostnames that are IP addresses can bypass same-origin policy. This flaw was caused by trailing whitespaces being evaluated differently when parsing IP addresses instead of alphanumeric hostnames. This could lead...

7.5CVSS8.5AI score0.03097EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2015/07/02 12:0 a.m.45 views

Out-of-bound read while computing an oscillator rendering range in Web Audio — Mozilla

Security researcher Holger Fuhrmannek used the Address Sanitizer tool to discover an out-of-bound read while computing an oscillator rendering range in Web Audio. This could allow an attacker to infer the contents of four bytes of memory...

5CVSS4.9AI score0.02741EPSS
Exploits0References2Affected Software4
Mozilla
Mozilla
added 2015/05/12 12:0 a.m.45 views

Use-after-free during text processing with vertical text enabled — Mozilla

Security researcher Scott Bell used the Address Sanitizer tool to discover a use-after-free error during the processing of text when vertical text is enabled. This leads to a potentially exploitable crash...

6.8CVSS9AI score0.03985EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2015/03/20 12:0 a.m.45 views

Privilege escalation through SVG navigation — Mozilla

Security researcher Mariusz Mlynski reported, through HP Zero Day Initiative's Pwn2Own contest, a method to run arbitrary scripts in a privileged context. This bypassed the same-origin policy protections by using a flaw in the processing of SVG format content navigation...

7.5CVSS8.9AI score0.03126EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2015/02/24 12:0 a.m.45 views

Miscellaneous memory safety hazards (rv:36.0 / rv:31.5) — Mozilla

Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of the...

7.5CVSS9.9AI score0.04359EPSS
Exploits0References4Affected Software5
Mozilla
Mozilla
added 2015/02/24 12:0 a.m.45 views

TLS TURN and STUN connections silently fail to simple TCP connections — Mozilla

Security researcher Alexander Kolesnik reported while the Mozilla platform does not yet support TLS connections to TURN and STUN servers, the WebRTC implementation would accept turns: and stuns: URIs and then attempt plaintext connections to the servers when these were used. This can lead to...

4.3CVSS8.9AI score0.01259EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2014/12/02 12:0 a.m.45 views

Bad casting from the BasicThebesLayer to BasicContainerLayer — Mozilla

Security researchers Byoungyoung Lee, Chengyu Song, and Taesoo Kim at the Georgia Tech Information Security Center GTISC reported a bad casting from the BasicThebesLayer to BasicContainerLayer, resulting in undefined behavior. This behavior is potentially exploitable with some compilers but no...

6.8CVSS5.8AI score0.03406EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2014/10/14 12:0 a.m.45 views

Web Audio memory corruption issues with custom waveforms — Mozilla

Security researcher Holger Fuhrmannek used the used the Address Sanitizer tool to discover an out-of-bounds read issue with Web Audio when interacting with custom waveforms with invalid values. This results in a crash and could allow for the reading of random memory which may contain sensitive...

6.4CVSS8.8AI score0.02841EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2014/04/29 12:0 a.m.45 views

Web Audio memory corruption issues — Mozilla

Security researcher Ash reported an out of bounds read issue with Web Audio. This issue could allow for web content to trigger crashes that are potentially exploitable...

9.3CVSS8.8AI score0.05423EPSS
Exploits1References2Affected Software2
Mozilla
Mozilla
added 2014/04/29 12:0 a.m.45 views

Use-after-free in the Text Track Manager for HTML video — Mozilla

Using the Address Sanitizer tool, security researcher Abhishek Arya Inferno of the Google Chrome Security Team found a use-after-free in the Text Track Manager while processing HTML video. This was caused by inconsistent garbage collection of Text Track Manager variables and results in a...

9.3CVSS8.8AI score0.04414EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2014/03/18 12:0 a.m.45 views

Firefox OS DeviceStorageFile object vulnerable to relative path escape — Mozilla

Mozlla developer Ben Turner discovered that the protection against Directory Traversal through the DeviceStorage API was implemented in the wrong process on Firefox OS. If a Firefox OS application with any device-storage permissions were compromised an attacker could escape the media sandbox and...

9.3CVSS8.8AI score0.01105EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2013/10/29 12:0 a.m.45 views

Security bypass of PDF.js checks using iframes — Mozilla

Security researcher Cody Crews discovered a method to append an iframe into an embedded PDF object rendered with the chrome privileged PDF.js. This can used to bypass security restrictions to load local or chrome privileged files and objects within the embedded PDF object. This can lead to...

8.3CVSS8.6AI score0.02937EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2013/09/17 12:0 a.m.45 views

User-defined properties on DOM proxies get the wrong "this" object — Mozilla

Mozilla developer Boris Zbarsky reported that user-defined getters on DOM proxies would incorrectly get the expando object as this. It is unlikely that this is directly exploitable but could lead to JavaScript client or add-on code making incorrect security sensitive decisions based on hacker...

5CVSS6.2AI score0.02932EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2013/08/06 12:0 a.m.45 views

Buffer overflow in Mozilla Maintenance Service and Mozilla Updater — Mozilla

Security researcher Seb Patane reported stack buffer overflows in both the Maintenance Service and the Mozilla Updater when unexpectedly long paths were encountered. A local attacker could pass these as command-line arguments to the Maintenance Service to crash either program and potentially lead...

7.2CVSS4AI score0.00329EPSS
Exploits0References4Affected Software5
Mozilla
Mozilla
added 2013/08/06 12:0 a.m.45 views

Firefox full and stub installer DLL hijacking — Mozilla

Security researcher Robert Kugler reported in 2012 that when a specifically named DLL file on a Windows computer is placed in the default downloads directory with the Firefox installer, the Firefox installer will load this DLL file when it is launched. Mozilla developers Brian Bondy and Robert...

6.9CVSS5.9AI score0.00414EPSS
Exploits1References5Affected Software2
Mozilla
Mozilla
added 2013/06/25 12:0 a.m.45 views

Homograph domain spoofing in .com, .net and .name — Mozilla

Security researcher 3ric Johanson reported in discussions with Richard Newman and Holt Sorenson that Verisign's prevention measures for homograph attacks using Internationalized Domain Names IDN were insufficiently rigorous, and this led to a limited possibility for domain spoofing in Firefox...

5CVSS0.7AI score0.0208EPSS
Exploits0References3Affected Software2
Total number of security vulnerabilities1574