Lucene search
K
MozillaMost viewed

1574 matches found

Mozilla
Mozilla
added 2012/04/24 12:0 a.m.38 views

Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues — Mozilla

Security researcher Masato Kinugawa found that during the decoding of ISO-2022-KR and ISO-2022-CN character sets, characters near 1024 bytes are treated incorrectly, either doubling or deleting bytes. On certain pages it might be possible for an attacker to pad the output of the page such that...

4.3CVSS2.2AI score0.02033EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2011/12/20 12:0 a.m.38 views

Potentially exploitable crash in the YARR regular expression library — Mozilla

Security researcher Aki Helin reported a crash in the YARR regular expression library that could be triggered by javascript in web content...

7.5CVSS1.1AI score0.03732EPSS
Exploits0References3Affected Software3
Mozilla
Mozilla
added 2011/03/01 12:0 a.m.38 views

Use-after-free error using Web Workers — Mozilla

Daniel Kozlowski reported that a JavaScript Worker could be used to keep a reference to an object that could be freed during garbage collection. Subsequent calls through this deleted reference could cause attacker-controlled memory to be executed on a victim's computer...

10CVSS4.6AI score0.0472EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2010/12/09 12:0 a.m.38 views

Location bar SSL spoofing using network error page — Mozilla

Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar...

4.3CVSS2.1AI score0.01635EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2010/09/07 12:0 a.m.38 views

Information leak via XMLHttpRequest statusText — Mozilla

Matt Haggard reported that the statusText property of an XMLHttpRequest object is readable by the requester even when the request is made across origins. This status information reveals the presence of a web server and could be used to gather information about servers on internal private networks...

4.3CVSS9.1AI score0.02001EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2010/09/07 12:0 a.m.38 views

Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12) — Mozilla

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...

9.3CVSS3.1AI score0.03726EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2010/06/22 12:0 a.m.38 views

Use-after-free error in nsCycleCollector::MarkRoots() — Mozilla

Security researcher wushi of team509 reported that the frame construction process for certain types of menus could result in a menu containing a pointer to a previously freed menu item. During the cycle collection process, this freed item could be accessed, resulting in the execution of a section...

9.3CVSS2.3AI score0.03952EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2009/08/03 12:0 a.m.38 views

Location bar and SSL indicator spoofing via window.open() on invalid URL — Mozilla

Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.write to place content within the new document, appearing to have come from the spoofed location. Additionally, if the...

5.8CVSS1.8AI score0.04745EPSS
Exploits1References2Affected Software1
Mozilla
Mozilla
added 2009/08/03 12:0 a.m.38 views

Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13) — Mozilla

Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some ...

10CVSS2.6AI score0.04939EPSS
Exploits0References6Affected Software1
Mozilla
Mozilla
added 2008/07/16 12:0 a.m.38 views

Crash with malformed GIF file on Mac OS X — Mozilla

Drew Yao of Apple Product Security reported a vulnerability in Mozilla graphics code which handles GIF rendering in Mac OS X. He demonstrated that a GIF file could be specially crafted to cause the browser to free an uninitialized pointer. An attacker could use this vulnerability to crash the...

8.8CVSS3.3AI score0.03592EPSS
Exploits2References2Affected Software1
Mozilla
Mozilla
added 2008/03/25 12:0 a.m.38 views

Privacy issue with SSL Client Authentication — Mozilla

Peter Brodersen and Alexander Klink independently reported that the default setting for SSL Client Authentication, automatically selecting a client certificate on behalf of the user, creates a potential privacy issue for users by allowing tracking through client certificates. For users who alread...

5CVSS1.8AI score0.01272EPSS
Exploits1References2Affected Software2
Mozilla
Mozilla
added 2007/11/26 12:0 a.m.38 views

jar: URI scheme XSS hazard — Mozilla

The jar: URI scheme was introduced as a mechanism to support digitally signed web pages, enabling web sites to load pages packaged in zip archives containing signatures in java-archive format...

4.3CVSS0.1AI score0.02712EPSS
Exploits0References3Affected Software2
Mozilla
Mozilla
added 2007/10/18 12:0 a.m.38 views

File input focus stealing vulnerability — Mozilla

A user on the Sla.ckers.org forums named hong reported that a file upload control could be filled programmatically by switching page focus to the label before a file upload form control for selected keyboard events. An attacker could use this trick to steal files from the users' computer if the...

4.3CVSS0.8AI score0.09825EPSS
Exploits2References4Affected Software2
Mozilla
Mozilla
added 2007/02/23 12:0 a.m.38 views

Spoofing using custom cursor and CSS3 hotspot — Mozilla

David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area...

6.4CVSS3.7AI score0.01548EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2006/04/13 12:0 a.m.38 views

Privilege escalation using crypto.generateCRMFRequest — Mozilla

shutdown demonstrated that the crypto.generateCRMFRequest method can be used to run arbitrary code with the privilege of the user, which could enable an attacker to install malware...

9.3CVSS4.7AI score0.09488EPSS
Exploits0References1Affected Software4
Mozilla
Mozilla
added 2006/04/13 12:0 a.m.38 views

Downloading executables with "Save Image As..." — Mozilla

By layering a transparent image link to an executable on top of a visible and presumably desirable image a malicious site might be able to convince some visitors to right-click and choose "Save image as..." from the context menu and fool them by giving them the executable instead. When the users...

2.6CVSS5.6AI score0.02438EPSS
Exploits0References1Affected Software3
Mozilla
Mozilla
added 2006/04/13 12:0 a.m.38 views

Crashes with evidence of memory corruption (rv:1.8.0.2) — Mozilla

As part of the Firefox 1.5.0.2 release we fixed several crash bugs to improve the stability of the product, with a particular focus on finding crashes caused by DHTML. Some of these crashes showed evidence of memory corruption that we presume could be exploited to run arbitrary code with enough...

7.5CVSS1.5AI score0.0689EPSS
Exploits0References7Affected Software3
Mozilla
Mozilla
added 2006/02/01 12:0 a.m.38 views

Long document title causes startup denial of service — Mozilla

Web pages with extremely long titles--the public demonstration had a title 2.5 million characters long--cause subsequent launches of the browser to appear to "hang" for up to a few minutes, or even crash if the computer has insufficient memory...

5CVSS3.3AI score0.12589EPSS
Exploits0References1Affected Software3
Mozilla
Mozilla
added 2006/02/01 12:0 a.m.38 views

JavaScript garbage-collection hazards — Mozilla

Garbage collection hazards have been found in the JavaScript engine where some routines used temporary variables that were not properly protected rooted. Specially crafted objects could contain a user-defined method that would be called during the lifetime of these temporaries. If this method...

7.5CVSS0.9AI score0.04472EPSS
Exploits0References2Affected Software4
Mozilla
Mozilla
added 2025/04/29 12:0 a.m.37 views

Security Vulnerabilities fixed in Firefox 138 — Mozilla

Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file...

9.1CVSS7.9AI score0.00534EPSS
Exploits0References11Affected Software1
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.37 views

Use-after-free when using alt key and toplevel menus — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team reported a use-after-free vulnerability when the alt key is used in conjunction with toplevel menu items in Firefox. This results in a potentially exploitable crash when triggered. This vulnerability is mitigated by not...

9.8CVSS1.7AI score0.02953EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2016/06/07 12:0 a.m.37 views

Out-of-bounds write with WebGL shader — Mozilla

Security researcher Aral reported an out-of-bounds write when using the ANGLE graphics library, which is used for WebGL content on Windows systems. This crash occurs due to improper size checking while writing to an array during some WebGL shader operations...

8.8CVSS8.6AI score0.0172EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2016/03/08 12:0 a.m.37 views

CSP reports fail to strip location information for embedded iframe pages — Mozilla

Security researcher Muneaki Nishimura nishimunea of Recruit Technologies Co.,Ltd. reported that Content Security Policy CSP violation reports contained full path information for cross-origin iframe navigations in violation of the CSP specification. This could result in information disclosure...

4.3CVSS6.8AI score0.02035EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2016/03/08 12:0 a.m.37 views

WebRTC and LibVPX vulnerabilities found through code inspection — Mozilla

Security researcher Ronald Crane reported five "moderate" rated vulnerabilities affecting released code that were found through code inspection. These included the following issues in WebRTC: an integer underflow, a missing status check, race condition, and a use of deleted pointers to create new...

8.8CVSS7.3AI score0.01906EPSS
Exploits0References10Affected Software1
Mozilla
Mozilla
added 2015/12/15 12:0 a.m.37 views

Miscellaneous memory safety hazards (rv:43.0 / rv:38.5) — Mozilla

Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of the...

10CVSS8AI score0.0602EPSS
Exploits0References4Affected Software4
Mozilla
Mozilla
added 2015/11/03 12:0 a.m.37 views

Memory corruption in libjar through zip files — Mozilla

Security researcher Gustavo Grieco reported a buffer underflow in libjar triggered through a maliciously crafted ZIP format file. This results in a potentially exploitable crash...

7.5CVSS9AI score0.04229EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2015/11/03 12:0 a.m.37 views

CSP bypass due to permissive Reader mode whitelist — Mozilla

Security researcher Mario Heiderich reported an issue where the security protections of Reader mode in Firefox can be bypassed, allowing scripts to be run. Mozilla developer Frederik Braun independently discovered and reported this same issue as well. This issue happens even though Reader View...

4.3CVSS8.4AI score0.02282EPSS
Exploits0References3Affected Software1
Mozilla
Mozilla
added 2015/09/22 12:0 a.m.37 views

Out of bounds read in QCMS library with ICC V4 profile attributes — Mozilla

Security researcher Felix Gröbert of Google discovered an out of bounds read in the QCMS color management library while manipulating an image with specific attributes in its ICC V4 profile. This causes a crash and could lead to information disclosure...

6.4CVSS5.7AI score0.03493EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2015/08/11 12:0 a.m.37 views

Redefinition of non-configurable JavaScript object properties — Mozilla

Security researcher André Bargull reported non-configurable properties on JavaScript objects can be redefined while parsing JSON in violation of the ECMAScript 6 standard. This allows malicious web content to bypass same-origin policy by editing these properties to arbitrary values...

5CVSS7.3AI score0.03366EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2013/08/06 12:0 a.m.37 views

Bypass of XrayWrappers using XBL Scopes — Mozilla

Mozilla Developer Bobby Holley and Mozilla security researcher mozbugra4 discovered a mechanism where XBL scopes can be be used to circumvent XrayWrappers from within the Chrome on unprivileged objects. This allows web content to potentially confuse privileged code and weaken invariants and can...

4.3CVSS3.9AI score0.02158EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2013/02/19 12:0 a.m.37 views

Web content bypass of COW and SOW security wrappers — Mozilla

Mozilla developer Bobby Holley discovered that it was possible to bypass some protections in Chrome Object Wrappers COW and System Only Wrappers SOW, making their prototypes mutable by web content. This could be used leak information from chrome objects and possibly allow for arbitrary code...

9.3CVSS4.3AI score0.02361EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2011/12/20 12:0 a.m.37 views

Miscellaneous memory safety hazards (rv:9.0) — Mozilla

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...

10CVSS3.1AI score0.04392EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2011/06/21 12:0 a.m.37 views

Stealing of cross-domain images using WebGL textures — Mozilla

Security research firm Context IS discovered that an image from a different domain could be loaded into a WebGL texture, and then each pixel could be rendered into a canvas element with a shader program, creating an approximation of the image in a form that was readable by the creator of the WebG...

4.3CVSS5.8AI score0.01423EPSS
Exploits2References2Affected Software2
Mozilla
Mozilla
added 2009/12/15 12:0 a.m.37 views

GeckoActiveXObject exception messages can be used to enumerate installed COM objects — Mozilla

Security researcher Gregory Fleischer reported that the exception messages generated by Mozilla's GeckoActiveXObject differ based on whether or not the requested COM object's ProgID is present in the system registry. A malicious site could use this vulnerability to enumerate a list of COM objects...

7.8CVSS9AI score0.01616EPSS
Exploits1References2Affected Software2
Mozilla
Mozilla
added 2008/11/12 12:0 a.m.37 views

-moz-binding property bypasses security checks on codebase principals — Mozilla

Security researcher Collin Jackson reported that the -moz-binding CSS property can be used to bypass security checks which validate codebase principals. Similar to the issue reported in MFSA 2008-23, Jackson demonstrated that an attacker can replace a stylesheet in a signed JAR which uses relativ...

7.5CVSS1.8AI score0.03261EPSS
Exploits0References3Affected Software2
Mozilla
Mozilla
added 2008/11/12 12:0 a.m.37 views

Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) — Mozilla

Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be...

10CVSS2.8AI score0.03839EPSS
Exploits0References7Affected Software3
Mozilla
Mozilla
added 2008/09/23 12:0 a.m.37 views

resource: traversal vulnerabilities — Mozilla

Mozilla developer Boris Zbarsky reported that the resource: protocol allowed directory traversal on Linux when using URL-encoded slashes...

7.8CVSS3.4AI score0.04438EPSS
Exploits2References3Affected Software3
Mozilla
Mozilla
added 2008/07/01 12:0 a.m.37 views

Remote site run as local file via Windows URL shortcut — Mozilla

Mozilla community member Geoff reported that URL shortcut files on Windows for example, saved IE favorites could be interpreted as if they were in the local file context when opened by Firefox, although the referenced remote content would be downloaded and displayed. Scripts loaded from the remot...

6.8CVSS1.5AI score0.01101EPSS
Exploits1References2Affected Software2
Mozilla
Mozilla
added 2008/02/26 12:0 a.m.37 views

Heap buffer overflow in external MIME bodies — Mozilla

Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow vulnerability in Mozilla mail code which could potentially allow an attacker to run arbitrary code. The vulnerability is caused by allocating a buffer that can be three bytes too small in...

7.5CVSS1.5AI score0.06049EPSS
Exploits1References3Affected Software2
Mozilla
Mozilla
added 2008/02/07 12:0 a.m.37 views

Web browsing history and forward navigation stealing — Mozilla

Mozilla contributor David Bloom reported a vulnerability in the way images are treated by the browser when a user leaves a page which utilizes designMode frames. The reported issue can be used to steal a user's navigation history, forward navigation information, and crash the user's browser. The...

9.3CVSS0.2AI score0.03796EPSS
Exploits1References2Affected Software2
Mozilla
Mozilla
added 2008/02/07 12:0 a.m.37 views

File action dialog tampering — Mozilla

Security researcher Michal Zalewski demonstrated that timer-enabled security dialogs can be subverted by attackers using JavaScript to change the window focus. Zalewski showed that a user could be tricked into confirming a security dialog of this type by bringing the dialog back into focus right...

4.3CVSS2.5AI score0.03849EPSS
Exploits2References2Affected Software1
Mozilla
Mozilla
added 2007/03/05 12:0 a.m.37 views

Privilege escalation by setting img.src to javascript: URI — Mozilla

mozbugra4 reports that the fix for MFSA 2006-72 in Firefox 1.5.0.9 and Firefox 2.0.0.1 introduced a regression that allows scripts from web content to execute arbitrary code by setting the src attribute of an IMG tag to a specially crafted javascript: URI...

6.8CVSS3AI score0.03209EPSS
Exploits1References4Affected Software2
Mozilla
Mozilla
added 2006/06/01 12:0 a.m.37 views

EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) — Mozilla

Mozilla researcher mozbugra4 demonstrated that javascript run via EvalInSandbox can escape the sandbox and gain elevated privilege by calling valueOf on objects created outside the sandbox and inserted into it. Malicious scripts could use these privileges to compromise your computer or data...

9.3CVSS4.5AI score0.02753EPSS
Exploits0References5Affected Software3
Mozilla
Mozilla
added 2006/06/01 12:0 a.m.37 views

Fixes for crashes with potential memory corruption (rv:1.8.0.4) — Mozilla

Mozilla team members discovered several crashes during testing of the browser engine showing evidence of memory corruption that we presume is exploitable...

9.3CVSS5.1AI score0.07251EPSS
Exploits0References12Affected Software3
Mozilla
Mozilla
added 2006/04/13 12:0 a.m.37 views

Cross-site scripting using .valueOf.call() — Mozilla

mozbugra4 discovered that .valueOf.call and .valueOf.apply when called with no arguments were returning the Object class prototype rather than the caller's global window object. When called on a reachable property of another window this provides a hook to get around the same-origin protection,...

4.3CVSS2AI score0.0178EPSS
Exploits0References2Affected Software4
Mozilla
Mozilla
added 2024/07/11 12:0 a.m.36 views

Security Vulnerabilities fixed in Thunderbird 128 — Mozilla

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. It was possibl...

8.8CVSS9AI score0.00656EPSS
Exploits1References17Affected Software1
Mozilla
Mozilla
added 2024/01/22 12:0 a.m.36 views

Security Vulnerabilities fixed in Focus for iOS 122 — Mozilla

Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. An attacker could execut...

7.5CVSS7.7AI score0.00387EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2022/06/29 12:0 a.m.36 views

Security Vulnerabilities fixed in Firefox for iOS 102 — Mozilla

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header...

6.5CVSS1.5AI score0.00412EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2015/11/03 12:0 a.m.36 views

JavaScript garbage collection crash with Java applet — Mozilla

Mozilla community member Vytautas Staraitis reported an issue with the interaction of Java applets and JavaScript. The Java plugin can deallocate a JavaScript wrapper when it is still in use, which leads to a JavaScript garbage collection crash. This crash is potentially exploitable...

6.8CVSS8.9AI score0.03661EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2015/08/11 12:0 a.m.36 views

Out-of-bounds read with malformed MP3 file — Mozilla

Security researcher Aki Helin used the Address Sanitizer tool to discover an out-of-bounds read during playback of a malformed MP3 format audio file which switches sample formats. This could trigger a potentially exploitable crash or the reading of out-of-bounds memory content in some circumstanc...

7.5CVSS6.9AI score0.04769EPSS
Exploits0References2Affected Software4
Total number of security vulnerabilities1574