Lucene search
K
MozillaMost viewed

1574 matches found

Mozilla
Mozilla
added 2024/03/19 12:0 a.m.63 views

Security Vulnerabilities fixed in Firefox 124 — Mozilla

An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. Passing invalid data could have led to invalid wasm values being created, such as...

8.4CVSS9.1AI score0.01107EPSS
Exploits6References12Affected Software1
Mozilla
Mozilla
added 2017/01/26 12:0 a.m.63 views

Security vulnerabilities fixed in Thunderbird 45.7 — Mozilla

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. Use-after-free while manipulating XSL in XSLT documents Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object’s address can...

9.8CVSS0.2AI score0.33199EPSS
Exploits15References10Affected Software1
Mozilla
Mozilla
added 2016/06/07 12:0 a.m.63 views

Addressbar spoofing though the SELECT element — Mozilla

Security researcher Jordi Chancel reported a method to spoof the contents of the addressbar. This uses a persistent menu within a element, which acts as a container for HTML content and can be placed in an arbitrary location. When placed over the addressbar, this can mask the true site URL,...

6.5CVSS1.6AI score0.02026EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2015/08/27 12:0 a.m.63 views

Use-after-free when resizing canvas element during restyling — Mozilla

Mozilla community member Jean-Max Reymond discovered a use-after-free vulnerability with a element on a page. This occurs when a resize event is triggered in concert with style changes but the canvas references have been recreated in the meantime, destroying the originally referenced context. Thi...

10CVSS9.1AI score0.08007EPSS
Exploits0References3Affected Software3
Mozilla
Mozilla
added 2014/02/04 12:0 a.m.63 views

Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) — Mozilla

Mozilla developers and community identified identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least...

10CVSS9.5AI score0.06779EPSS
Exploits3References6Affected Software4
Mozilla
Mozilla
added 2013/08/06 12:0 a.m.63 views

Crash during WAV audio file decoding — Mozilla

Security researcher Aki Helin from OUSPG used the Address Sanitizer tool to discover a crash during the decoding of WAV format audio files in some instances. This crash is not exploitable but could be used for a denial of service DOS attack by malicious parties...

4.3CVSS1AI score0.03178EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2013/06/25 12:0 a.m.63 views

getUserMedia permission dialog incorrectly displays location — Mozilla

Mozilla engineer Matt Wobensmith discovered that when the getUserMedia permission dialog for an iframe appears in one domain, it will display its origin as that of the top-level document and not the calling framed page. This could lead to users incorrectly giving camera or microphone permissions...

4.3CVSS5.8AI score0.01486EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2012/06/05 12:0 a.m.63 views

Buffer overflow and use-after-free issues found using Address Sanitizer — Mozilla

Security researcher Abhishek Arya of Google used the Address Sanitizer tool to uncover several issues: two heap buffer overflow bugs and a use-after-free problem. The first heap buffer overflow was found in conversion from unicode to native character sets when the function fails. The use-after-fr...

9.3CVSS1.5AI score0.04852EPSS
Exploits0References6Affected Software5
Mozilla
Mozilla
added 2009/04/21 12:0 a.m.63 views

Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString — Mozilla

Mozilla security researcher mozbugra4 reported that it is possible to create a document whose URI does not match the document's principal using XMLHttpRequest. This type of mismatch leads to incorrect results in principal-based security checks. An attacker could use this vulnerability to execute...

4.3CVSS2AI score0.01351EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2021/09/07 12:0 a.m.62 views

Security Vulnerabilities fixed in Firefox ESR 78.14 — Mozilla

When delegating navigations to the operating system, Firefox would accept the mk scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. This bug only affects Firefox for Windows. Other operating systems are unaffected. Mozilla developers...

8.8CVSS3.1AI score0.01205EPSS
Exploits1References2Affected Software1
Mozilla
Mozilla
added 2020/07/06 12:0 a.m.62 views

Security Vulnerabilities fixed in Firefox for Android 68.10.1 — Mozilla

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins...

7.4CVSS2.9AI score0.01091EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2018/12/21 12:0 a.m.62 views

Security vulnerabilities fixed in Thunderbird 60.4 — Mozilla

A buffer overflow and out-of-bounds read can occur in TextureStorage11 within the ANGLE graphics library, used for WebGL content. This results in a potentially exploitable crash. A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select...

9.8CVSS0.7AI score0.09646EPSS
Exploits0References6Affected Software1
Mozilla
Mozilla
added 2015/07/02 12:0 a.m.62 views

Vulnerabilities found through code inspection — Mozilla

Security researcher Ronald Crane reported seven vulnerabilities affecting released code that he found through code inspection. These included three uses of uninitialized memory, one poor validation leading to an exploitable crash, one read of unowned memory in zip files, and two buffer overflows...

10CVSS5.7AI score0.0555EPSS
Exploits0References14Affected Software5
Mozilla
Mozilla
added 2014/09/02 12:0 a.m.62 views

Uninitialized memory use during GIF rendering — Mozilla

Google security researcher Michal Zalewski discovered that when a malformated GIF image is rendered in certain circumstances, memory is not properly initialized before use. The resulting image then uses this memory during rendering. This could allow for the a script in web content to access this...

4.3CVSS7.7AI score0.05465EPSS
Exploits1References2Affected Software4
Mozilla
Mozilla
added 2012/08/28 12:0 a.m.62 views

Location object security checks bypassed by chrome code — Mozilla

Mozilla security researcher mozbugra4 reported that certain security checks in the location object can be bypassed if chrome code is called content in a specific manner. This allowed for the loading of restricted content. This can be combined with other issues to become potentially exploitable...

6.8CVSS2.7AI score0.02298EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2012/02/16 12:0 a.m.62 views

libpng integer overflow — Mozilla

An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable...

6.8CVSS4.5AI score0.73347EPSS
Exploits1References2Affected Software5
Mozilla
Mozilla
added 2011/12/20 12:0 a.m.62 views

Crash scaling <video> to extreme sizes — Mozilla

sczimmer reported a crash when scaling an OGG element to extreme sizes...

7.5CVSS9.2AI score0.02629EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2010/03/16 12:0 a.m.62 views

Fixes for potentially exploitable crashes ported to the legacy branch — Mozilla

Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1...

10CVSS5.2AI score0.06433EPSS
Exploits3References10Affected Software2
Mozilla
Mozilla
added 2024/05/14 12:0 a.m.61 views

Security Vulnerabilities fixed in Firefox ESR 115.11 — Mozilla

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by...

8.8CVSS7.8AI score0.72648EPSS
Exploits18References6Affected Software1
Mozilla
Mozilla
added 2022/11/15 12:0 a.m.61 views

Security Vulnerabilities fixed in Firefox ESR 102.5 — Mozilla

Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. Through a series of popup and window.print calls, an...

9.8CVSS8.2AI score0.01061EPSS
Exploits0References13Affected Software1
Mozilla
Mozilla
added 2020/05/05 12:0 a.m.61 views

Security Vulnerabilities fixed in Firefox ESR 68.8 — Mozilla

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.Note: this issue only affects Firef...

10CVSS9.6AI score0.05803EPSS
Exploits0References7Affected Software1
Mozilla
Mozilla
added 2016/03/08 12:0 a.m.61 views

Use-after-free in HTML5 string parser — Mozilla

Security researcher ca0nguyen, working with HP's Zero Day Initiative, reported a use-after-free issue in the HTML5 string parser when parsing a particular set of table-related tags in a foreign fragment context such as SVG. This results in a potentially exploitable crash...

8.8CVSS2.5AI score0.30946EPSS
Exploits8References2Affected Software3
Mozilla
Mozilla
added 2015/02/24 12:0 a.m.61 views

UI Tour whitelisted sites in background tab can spoof foreground tabs — Mozilla

Mozilla developer Matthew Noorenberghe reported that whitelisted Mozilla domains could make UITour API calls while the UI Tour pages for Firefox are present in background tabs. If one of these Mozilla domains was compromised and open in another tab, an attacker could then use that tab to engage i...

4.3CVSS8.9AI score0.0208EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2014/02/04 12:0 a.m.61 views

Use-after-free with imgRequestProxy and image processing — Mozilla

Security researcher Arthur Gerkis, via TippingPoint's Zero Day Initiative, reported a use-after-free during image processing from sites with specific content types in concert with the imgRequestProxy function. This causes a potentially exploitable crash...

10CVSS8AI score0.07072EPSS
Exploits1References2Affected Software4
Mozilla
Mozilla
added 2013/09/17 12:0 a.m.61 views

Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) — Mozilla

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...

10CVSS3.1AI score0.05437EPSS
Exploits0References4Affected Software5
Mozilla
Mozilla
added 2013/04/02 12:0 a.m.61 views

Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5) — Mozilla

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...

10CVSS3.1AI score0.04615EPSS
Exploits0References6Affected Software5
Mozilla
Mozilla
added 2013/01/08 12:0 a.m.61 views

Use-after-free when displaying table with many columns and column groups — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered that the combination of large numbers of columns and column groups in a table could cause the array containing the columns during rendering to overwrite itself. This can lead to a user-after-free causing a...

9.3CVSS2.7AI score0.06147EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2012/11/20 12:0 a.m.61 views

Buffer overflow while rendering GIF images — Mozilla

Security researcher Atte Kettunen from OUSPG used the Address Sanitizer tool to discover a buffer overflow while rendering GIF format images. This issue is potentially exploitable and could lead to arbitrary code execution...

9.3CVSS4.6AI score0.11079EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2012/06/05 12:0 a.m.61 views

Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) — Mozilla

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...

9.3CVSS3.1AI score0.04899EPSS
Exploits1References8Affected Software5
Mozilla
Mozilla
added 2011/06/21 12:0 a.m.61 views

Use-after-free vulnerability when viewing XUL document with script disabled — Mozilla

Security researcher Martin Barbella reported that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. This flaw could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer...

7.6CVSS3AI score0.0496EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2024/03/19 12:0 a.m.60 views

Security Vulnerabilities fixed in Thunderbird 115.9 — Mozilla

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating system...

8.4CVSS9.2AI score0.01285EPSS
Exploits3References10Affected Software1
Mozilla
Mozilla
added 2020/07/30 12:0 a.m.60 views

Security Vulnerabilities fixed in Thunderbird 68.11 — Mozilla

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. WebRTC used the memory address of a class instance as a connection identifier. Unfortunately, this value is...

9.3CVSS2.9AI score0.0779EPSS
Exploits6References4Affected Software1
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.60 views

Out-of-bounds read during XML parsing in Expat library — Mozilla

Security researcher Gustavo Grieco reported a potential out-of-bounds read parsing malformed XML data during character conversion. This is due to a bug in the Expat library, which is used in Firefox. This could allow an attacker to read other inaccessible memory...

9.8CVSS4.6AI score0.13802EPSS
Exploits3References2Affected Software1
Mozilla
Mozilla
added 2016/03/08 12:0 a.m.60 views

Buffer overflow during ASN.1 decoding in NSS — Mozilla

Security researcher Francis Gabriel of Quarkslab reported a heap-based buffer overflow in the way the Network Security Services NSS libraries parsed certain ASN.1 structures. An attacker could create a specially-crafted certificate which, when parsed by NSS, would cause it to crash or execute...

8.8CVSS6AI score0.04192EPSS
Exploits0References2Affected Software4
Mozilla
Mozilla
added 2015/11/03 12:0 a.m.60 views

Mixed content WebSocket policy bypass through workers — Mozilla

Mozilla developer Ehsan Akhgari reported a mechanism through which a web worker could be used to bypass secure requirements for WebSockets when workers are used to create WebSockets. This allows for the bypassing of mixed content WebSocket policy...

5CVSS9AI score0.02535EPSS
Exploits0References3Affected Software3
Mozilla
Mozilla
added 2015/09/22 12:0 a.m.60 views

Buffer overflow in libvpx while parsing vp9 format video — Mozilla

Security researcher Khalil Zhani reported that a maliciously crafted vp9 format video could be used to trigger a buffer overflow while parsing the file. This leads to a potentially exploitable crash due to a flaw in the libvpx library...

6.8CVSS9.2AI score0.04925EPSS
Exploits0References2Affected Software4
Mozilla
Mozilla
added 2015/09/22 12:0 a.m.60 views

Memory leak in mozTCPSocket to servers — Mozilla

Security researcher David Chan reported that Mozilla's mozTCPSocket implementation could leak data past the end of an array, allowing for the potential exposure of memory or private data to malicious servers...

5CVSS6.2AI score0.01563EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2015/05/12 12:0 a.m.60 views

Mozilla Windows updater can be run outside of application directory — Mozilla

Security researcher Holger Fuhrmannek previously reported CVE-2015-0833, which was fixed in MFSA2015-12. That flaw allowed for the updater to load binary DLL format files from the local working directory or from the Windows temporary directories. During the fixing of CVE-2015-0833, the need to...

6.9CVSS8.8AI score0.00328EPSS
Exploits0References5Affected Software3
Mozilla
Mozilla
added 2015/05/12 12:0 a.m.60 views

Buffer overflow parsing H.264 video with Linux Gstreamer — Mozilla

Security researcher Aki Helin used the Address Sanitizer tool to find a buffer overflow during video playback on Linux systems. This was due to a problem in older versions of the Gstreamer plugin during the parsing of H.264 formatted video. This issue could be used to induce a possibly exploitabl...

6.8CVSS7.6AI score0.0544EPSS
Exploits0References2Affected Software4
Mozilla
Mozilla
added 2014/07/22 12:0 a.m.60 views

Miscellaneous memory safety hazards (rv:31.0 / rv:24.7) — Mozilla

Mozilla developers and community identified identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least...

10CVSS9.9AI score0.05811EPSS
Exploits0References4Affected Software3
Mozilla
Mozilla
added 2014/03/18 12:0 a.m.60 views

Out-of-bounds write through TypedArrayObject after neutering — Mozilla

Security researcher George Hotz, via TippingPoint's Pwn2Own contest, discovered an issue where values are copied from an array into a second, neutered array. This allows for an out-of-bounds write into memory, causing an exploitable crash leading to arbitrary code execution...

9.8CVSS9.5AI score0.06087EPSS
Exploits1References2Affected Software4
Mozilla
Mozilla
added 2013/01/08 12:0 a.m.60 views

Compartment mismatch with quickstubs returned values — Mozilla

Mozilla developer Boris Zbarsky reported reported a problem where jsval-returning quickstubs fail to wrap their return values, causing a compartment mismatch. This mismatch can cause garbage collection to occur incorrectly and lead to a potentially exploitable crash...

9.3CVSS3.5AI score0.04485EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2012/10/09 12:0 a.m.60 views

Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team discovered a series of use-after-free, buffer overflow, and out of bounds read issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We...

9.3CVSS2.1AI score0.09274EPSS
Exploits0References12Affected Software5
Mozilla
Mozilla
added 2012/04/24 12:0 a.m.60 views

Invalid frees causes heap corruption in gfxImageSurface — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. This happens due to float error, resulting from graphics values being passed through different number system...

10CVSS1.7AI score0.10288EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2009/04/21 12:0 a.m.60 views

Crashes with evidence of memory corruption (rv:1.9.0.9) — Mozilla

Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be...

5CVSS2.8AI score0.029EPSS
Exploits3References8Affected Software3
Mozilla
Mozilla
added 2023/06/06 12:0 a.m.59 views

Security Vulnerabilities fixed in Firefox ESR 102.12 — Mozilla

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a sit...

9.8CVSS7.7AI score0.0093EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2021/02/23 12:0 a.m.59 views

Security Vulnerabilities fixed in Firefox ESR 78.8 — Mozilla

As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage."...

8.8CVSS0.8AI score0.0153EPSS
Exploits0References4Affected Software1
Mozilla
Mozilla
added 2016/12/28 12:0 a.m.59 views

Security vulnerabilities fixed in Thunderbird 45.6 — Mozilla

Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. Event handlers on marquee elements were executed despite a strict Content Security Policy CSP that disallowed inline JavaScript. Memory corruption resulting in a potentially...

9.8CVSS0.2AI score0.21401EPSS
Exploits11References8Affected Software1
Mozilla
Mozilla
added 2016/11/28 12:0 a.m.59 views

Security vulnerabilities fixed in Firefox 50.0.1 — Mozilla

Redirection from an HTTP connection to a data: URL assigns the referring site's origin to the data: URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the...

8.8CVSS0.7AI score0.01884EPSS
Exploits2References1Affected Software1
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.59 views

Miscellaneous memory safety hazards (rv:48.0 / rv:45.3) — Mozilla

Mozilla developers and community members reported several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these...

8.8CVSS2.4AI score0.0289EPSS
Exploits0References4Affected Software3
Total number of security vulnerabilities1574