2 matches found
CVE-2012-0958
CVE-2012-0958 affects the unity-firefox-extension (Firefox extension) version 2.4.1. The issue in content/unity-api.js exposes the toDataURL function, allowing a crafted page to bypass the Same Origin Policy and potentially obtain sensitive information from the user. The vulnerability is document...
CVE-2012-0960
CVE-2012-0960 affects the Unity integration extension (unity-firefox-extension) for Firefox, before version 2.4.1. The root cause is improper handling of callbacks, which can allow a remote attacker to crash Firefox (DoS) and potentially execute arbitrary code via a crafted request. Public disclo...