Download
| Alert*
|
oval:org.secpod.oval:def:602536
firefox-esr is installed oval:org.secpod.oval:def:1800108 CVE-2017-5470: Memory safety bugs CVE-2017-5472: Use-after-free using destroyed node when regenerating trees CVE-2017-7749: Use-after-free during docshell reloading CVE-2017-7750: Use-after-free with track elements CVE-2017-7751: Use-after-free with content viewer listeners CVE-2017-7752: Use-after- ... oval:org.secpod.oval:def:62698 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:57438 A sandbox escape was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code if combined with additional vulnerabilities. oval:org.secpod.oval:def:79853 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or sandbox bypass. oval:org.secpod.oval:def:64150 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys. oval:org.secpod.oval:def:606125 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or sandbox bypass. oval:org.secpod.oval:def:62245 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:610168 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, CSP bypass or session fixation. Debian follows the extended support releases of Firefox. Support for the 91.x series has ended, so starting with this updat ... oval:org.secpod.oval:def:608620 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:607888 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:78147 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing. oval:org.secpod.oval:def:14256 Mozilla Firefox ESR is installed on Mac OS. oval:org.secpod.oval:def:59822 Mozilla Firefox 71 and Mozilla Firefox ESR 68.3: When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. oval:org.secpod.oval:def:59819 Mozilla Firefox 71 and Mozilla Firefox ESR 68.3: When setting a thread name on Windows in WebRTC, an incorrect number of arguments could have been supplied, leading to stack corruption and a potentially exploitable crash. oval:org.secpod.oval:def:55005 Mozilla Firefox ESR 60.7 : Cross-origin images can be read in violation of the same-origin policy by exporting an image after using <code>createImageBitmap</code> to read the image and then rendering the resulting bitmap image within a <code>canvas</code> element. oval:org.secpod.oval:def:10674 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to untrusted search path vulnerability. A flaw is present in the applications, which fail to handle a Trojan hor ... oval:org.secpod.oval:def:10682 The host is missing a security update according to Mozilla advisory, MFSA 2013-34. The update is required to fix untrusted search path vulnerability. A flaw is present in the applications, which fail to handle a Trojan horse DLL file in an unspecified directory. Successful exploitation allows local ... oval:org.secpod.oval:def:16246 Firefox user Sijie Xia reported that if a user explicitly removes the trust for extended validation (EV) capable root certificates in the certificate manager, the change is not properly used when validating EV certificates, causing the setting to be ignored. This removes the ability of users to exp ... oval:org.secpod.oval:def:16248 Mozilla developer Eric Faust reported that during JavaScript compilation GetElementIC typed array stubs can be generated outside observed typesets. This could lead to unpredictable behavior with a potential security impact. oval:org.secpod.oval:def:16250 Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla's root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la scurit des systmesd' information (ANSSI), an agency of th ... oval:org.secpod.oval:def:16262 Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid ... oval:org.secpod.oval:def:16290 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a user-after-free when interacting with HTML document templates. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16292 Security researcher Jordi Chancel discovered a method to put arbitrary HTML content within lt;selectgt; elements and place it in arbitrary locations. This can be used to spoof the displayed addressbar, leading to clickjacking and other spoofing attacks. oval:org.secpod.oval:def:16295 Mozilla community member Ezra Pool reported a potentially exploitable crash on extremely large pages. This was caused when a cycle collected image object was released on the wrong thread during decoding, creating a race condition. oval:org.secpod.oval:def:16297 Security researcher Cody Crews discovered a method to append an iframe into an embedded PDF object rendered with the chrome privileged PDF.js . This can used to bypass security restrictions to load local or chrome privileged files and objects within the embedded PDF object. This can lead to informa ... oval:org.secpod.oval:def:16299 Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unkno ... oval:org.secpod.oval:def:16301 The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clic ... oval:org.secpod.oval:def:16303 The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial o ... oval:org.secpod.oval:def:16305 PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object. oval:org.secpod.oval:def:16310 Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory ... oval:org.secpod.oval:def:16329 Security researcher Seb Patane reported stack buffer overflows in both the Maintenance Service and the Mozilla Updater when unexpectedly long paths were encountered. A local attacker could pass these as command-line arguments to the Maintenance Service to crash either program and potentially lead t ... oval:org.secpod.oval:def:16334 Security researcher Ash reported an issue with the Mozilla Updater on Windows 7 and later versions of Windows. On vulnerable platforms, the Mozilla Updater can be made to load a specific malicious DLL file from the local system. This DLL file can run in a privileged context through the Mozilla Main ... oval:org.secpod.oval:def:16360 Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line. oval:org.secpod.oval:def:16361 Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service. oval:org.secpod.oval:def:16366 Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local user ... oval:org.secpod.oval:def:16378 Security researcher Seb Patane reported that the Mozilla Updater does not write-lock the MAR update file when it is in use by the Updater. This leaves open the possibility of altering the contents of the MAR file after the signature on the file has been verified as valid but before it has been used ... oval:org.secpod.oval:def:16396 Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating a Trojan horse file after MAR ... oval:org.secpod.oval:def:16836 The host is missing a security update according to Mozilla advisory, MFSA 2013-103. The update is required to fix denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted X.509 certificate. Successful exploitation allows attackers to cause an application ... oval:org.secpod.oval:def:16837 Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) ... oval:org.secpod.oval:def:17301 Security researcher Ash reported an issue where the extracted files for updates to existing files are not read only during the update process. This allows for the potential replacement or modification of these files during the update process if a malicious application is present on the local system ... oval:org.secpod.oval:def:17319 Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. oval:org.secpod.oval:def:31620 The host is installed with Mozilla Firefox before 42.0 and is prone to a cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle inline JavaScript code. Successful exploitation could allow attackers to conduct cross-site scripting (XSS) attacks. oval:org.secpod.oval:def:31621 The host is missing a security update according to Mozilla advisory, MFSA2015-121. The update is required to fix a cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle inline JavaScript code. Successful exploitation could allow attackers to conduct ... oval:org.secpod.oval:def:32966 The host is installed with Mozilla Firefox before 43.0 or Firefox ESR 38.x before 38.6.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation allows remote attackers to obtain sensi ... oval:org.secpod.oval:def:32971 The host is missing an important security update according to Mozilla advisory, MFSA2016-13. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the application, which fail to handle a crafted web site. Successful exploitation allows remote attackers to bypa ... oval:org.secpod.oval:def:32972 The host is installed with Mozilla Firefox before 44.0.2 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fail to handle a crafted web site. Successful exploitation allows remote attackers to bypass the same origin policy. oval:org.secpod.oval:def:33490 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.6.1 and is prone to a denial of service vulnerability. A flaw is present in the setAttr in Mozilla Firefox, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:33529 The host is missing an important security update according to Mozilla advisory, MFSA2016-38. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause a denia ... oval:org.secpod.oval:def:35542 The host is missing a security update according to Mozilla advisory, MFSA2016-55. The update is required to fix a privilege escalation vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to use Mozilla Windows upd ... oval:org.secpod.oval:def:35543 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR 48.x before 48.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to use Mozilla Windows updater and ... oval:org.secpod.oval:def:39471 Mozilla Firefox or Firefox ESR before 52.0.1 :- An integer overflow in createImageBitmap() was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the createImageBitmap API. This function runs in the content sandbox, requiring a second vulnera ... oval:org.secpod.oval:def:39472 The host is missing a critical security update according to Mozilla advisory, MFSA2017-08. The update is required to fix an integer overflow vulnerability. A flaw is present in createImageBitmap API, which fails to handle unknown vector. Successful exploitation allows remote attackers to cause integ ... oval:org.secpod.oval:def:40094 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- Mozilla developers and community members Christian Holler, Jon Coppeard, Marcia Knous, David Baron, Mats Palmgren, Ronald Crane, Bob Clary, and Chris Peterson reported memory safety bugs present in F ... oval:org.secpod.oval:def:40095 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. oval:org.secpod.oval:def:40096 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. oval:org.secpod.oval:def:40097 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. oval:org.secpod.oval:def:40098 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as ... oval:org.secpod.oval:def:40099 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- Three vulnerabilities were reported in the Libevent library that allow for out-of-bounds reads and denial of service (DoS) attacks: CVE-2016-10195, CVE-2016-10196, and CVE-2016-10197. These were fixe ... oval:org.secpod.oval:def:40100 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. oval:org.secpod.oval:def:40101 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. oval:org.secpod.oval:def:40102 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. ... oval:org.secpod.oval:def:40103 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. oval:org.secpod.oval:def:40104 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. oval:org.secpod.oval:def:40105 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. oval:org.secpod.oval:def:40106 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A buffer overflow vulnerability while parsing application/http-index-format format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memor ... oval:org.secpod.oval:def:40107 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. oval:org.secpod.oval:def:40108 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A vulnerability while parsing application/http-index-format format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays ... oval:org.secpod.oval:def:40109 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds read when an HTTP/2 connection to a servers sends DATA frames with incorrect data content. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:40110 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. oval:org.secpod.oval:def:40111 Mozilla Firefox before 53.0, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write in ClearKeyDecryptor while decrypting some Clearkey-encrypted media content. The ClearKeyDecryptor code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sa ... oval:org.secpod.oval:def:40112 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:40113 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. oval:org.secpod.oval:def:40115 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. oval:org.secpod.oval:def:40116 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:40117 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds read while processing SVG content in ConvolvePixel. This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then ... oval:org.secpod.oval:def:40118 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- Mozilla developers and community members Christian Holler, Jon Coppeard, Milan Sreckovic, Tyson Smith, Ronald Crane, Randell Jesup, Philipp, Tooru Fujisawa, and Kan-Ru Chen reported memory safety bugs present in ... oval:org.secpod.oval:def:40119 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploi ... oval:org.secpod.oval:def:40120 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. oval:org.secpod.oval:def:40121 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A mechanism to spoof the addressbar through the user interaction on the addressbar and the onblur event. The event could be used by script to affect text display to make the loaded site appear to be different fro ... oval:org.secpod.oval:def:40122 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read ... oval:org.secpod.oval:def:40123 Mozilla Firefox before 53.0 and Firefox ESR 52.x before 52.1 :- The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. oval:org.secpod.oval:def:40124 Mozilla Firefox before 53.0 and Firefox ESR 52.x before 52.1 :- A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. oval:org.secpod.oval:def:40125 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- If a page is loaded from an original site through a hyperlink and contains a redirect to a data:text/html URL, triggering a reload will run the reloaded data:text/html page with its origin set incorrectly. This a ... oval:org.secpod.oval:def:40126 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. oval:org.secpod.oval:def:41112 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable c ... oval:org.secpod.oval:def:41113 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41114 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability during video control operations when a 'track' element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41115 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. oval:org.secpod.oval:def:41116 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require sp ... oval:org.secpod.oval:def:41117 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- An out-of-bounds read in WebGL with a maliciously crafted ImageInfo object during WebGL operations. oval:org.secpod.oval:def:41118 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. oval:org.secpod.oval:def:41119 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41120 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1. ... oval:org.secpod.oval:def:41121 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. oval:org.secpod.oval:def:41123 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing ... oval:org.secpod.oval:def:41125 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- Mozilla developers and community members Tyson Smith, Mats Palmgren, Philipp, Masayuki Nakano, Christian Holler, Andrew McCreight, Gary Kwong, Andre Bargull, Carsten Book, Jesse Schwartzentruber, Julian Hector, Marcia ... oval:org.secpod.oval:def:41126 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. oval:org.secpod.oval:def:41128 The host is missing a critical security update according to Mozilla advisory, MFSA2017-16. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:41728 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. oval:org.secpod.oval:def:41729 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson Smith, Bevis Tseng, Christian Holler, Bryce Van Dyk, Dragana Damjanovic, Kartikaya Gupta, Philipp, Tristan Bourvon, an ... oval:org.secpod.oval:def:41730 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41731 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41732 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41733 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. oval:org.secpod.oval:def:41734 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- On pages containing an iframe, the data: protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. oval:org.secpod.oval:def:41735 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. oval:org.secpod.oval:def:41736 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41737 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. oval:org.secpod.oval:def:41738 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur while re-computing layout for a marquee element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41739 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur wh ... oval:org.secpod.oval:def:41740 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- When a pages content security policy (CSP) header contains a sandbox directive, other directives are ignored. This results in the incorrect enforcement of CSP. oval:org.secpod.oval:def:41741 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. oval:org.secpod.oval:def:41742 Mozilla Firefox before 55.0 or Firefox ESR before 52.3 :- The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor ... oval:org.secpod.oval:def:41753 The host is missing a critical security update according to Mozilla advisory, MFSA2017-19. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:42278 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:42279 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current b ... oval:org.secpod.oval:def:42280 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- Mozilla developers and community members Christoph Diehl, Jan de Mooij, Jason Kratzer, Randell Jesup, Tom Ritter, Tyson Smith, and Sebastian Hengst reported memory safety bugs present in Firefox and Firefox ESR. Some of thes ... oval:org.secpod.oval:def:42281 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- File downloads encoded with blob: and data: URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious s ... oval:org.secpod.oval:def:42282 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. oval:org.secpod.oval:def:42283 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. oval:org.secpod.oval:def:42284 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- The content security policy (CSP) sandbox directive did not create a unique origin for the document, causing it to behave as if the allow-same-origin keyword were always specified. This could allow a Cross-Site Scripting (XS ... oval:org.secpod.oval:def:42285 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentia ... oval:org.secpod.oval:def:42286 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. oval:org.secpod.oval:def:42296 The host is missing a critical security update according to Mozilla advisory, MFSA2017-22. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:42821 Mozilla Firefox before 57.0 or Firefox ESR before 52.5 :- A use-after-free vulnerability can occur when flushing and resizing layout because the PressShell object has been freed while still in use. This results in a potentially exploitable crash during these operations. oval:org.secpod.oval:def:42822 Mozilla Firefox before 57.0 or Firefox ESR before 52.5 :- The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. oval:org.secpod.oval:def:42823 Mozilla Firefox before 57.0 or Firefox ESR before 52.5 :- Mozilla developers and community members Christian Holler, David Keeler, Jon Coppeard, Julien Cristau, Jan de Mooij, Jason Kratzer, Philipp, Nicholas Nethercote, Oriol Brufau, Andre Bargull, Bob Clary, Jet Villegas, Randell Jesup, Tyson Smith ... oval:org.secpod.oval:def:42837 The host is missing a critical security update according to Mozilla advisory, MFSA2017-25. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:53207 It discovered that the Private Browsing mode in the Mozilla Firefox web browser allowed to fingerprint a user across multiple sessions via IndexedDB. oval:org.secpod.oval:def:603208 It discovered that the Private Browsing mode in the Mozilla Firefox web browser allowed to fingerprint a user across multiple sessions via IndexedDB. oval:org.secpod.oval:def:43640 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- Mozilla developers and community members reported memory safety bugs present in Firefox, Firefox ESR and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort th ... oval:org.secpod.oval:def:43641 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 :- A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. oval:org.secpod.oval:def:43642 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially e ... oval:org.secpod.oval:def:43643 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitab ... oval:org.secpod.oval:def:43644 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. oval:org.secpod.oval:def:43645 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references a ... oval:org.secpod.oval:def:43646 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:43647 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. oval:org.secpod.oval:def:43648 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:43649 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displ ... oval:org.secpod.oval:def:43650 Mozilla Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:43674 The host is missing a critical security update according to Mozilla advisory, MFSA2018-03. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:47378 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : Browser proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a file URI, bypassing conf ... oval:org.secpod.oval:def:47377 The host is missing a critical security update according to Mozilla advisory, MFSA2018-21. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application. oval:org.secpod.oval:def:47383 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manuall ... oval:org.secpod.oval:def:48225 The host is missing a critical security update according to Mozilla advisory, MFSA2018-27. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:48227 Mozilla Firefox ESR 60.3 : Mozilla developers and community members Daniel Veditz and Philipp reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary ... oval:org.secpod.oval:def:48228 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : Mozilla developers and community members Christian Holler, Bob Owen, Boris Zbarsky, Calixte Denizet, Jason Kratzer, Jed Davis, Taegeon Lee, Philipp, Ronald Crane, Raul Gurzau, Gary Kwong, Tyson Smith, Raymond Forbes, and Bogdan Tara reported memory safe ... oval:org.secpod.oval:def:48229 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. oval:org.secpod.oval:def:48230 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : By rewriting the Host request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. oval:org.secpod.oval:def:48231 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. oval:org.secpod.oval:def:48232 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission ... oval:org.secpod.oval:def:49888 The host is missing a critical security update according to Mozilla advisory, MFSA2018-30. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:49889 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4: Mozilla developers and community members Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Jed Davis, Natalia Csoregi, Nicolas B. Pierron, and Tyson Smith reported memory safety bugs present in Firefox 63 and Fire ... oval:org.secpod.oval:def:49892 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. oval:org.secpod.oval:def:49893 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable cr ... oval:org.secpod.oval:def:49894 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy viola ... oval:org.secpod.oval:def:49897 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This can lead to an out-of-bounds write. oval:org.secpod.oval:def:54995 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability can occur when working with <code>XMLHttpRequest</code> (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. oval:org.secpod.oval:def:54996 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:55000 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run ... oval:org.secpod.oval:def:55006 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: Mozilla developers and community members Olli Pettay, Bogdan Tara, Jan de Mooij, Jason Kratzer, Jan Varga, Gary Kwong, Tim Guan-tin Chien, Tyson Smith, Ronald Crane, and Ted Campbell reported memory safety bugs present in Fir ... oval:org.secpod.oval:def:55008 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in ... oval:org.secpod.oval:def:55009 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. oval:org.secpod.oval:def:55010 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. oval:org.secpod.oval:def:55011 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A vulnerability where a JavaScript compartment mismatch can occur while working with the <code>fetch</code> API, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:55012 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. oval:org.secpod.oval:def:62295 Mozilla Firefox 74.0.1, Mozilla Firefox ESR 68.6.1 and Mozilla Thunderbird 68.7 : Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:62401 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-13. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:62403 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7 : When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, lead ... oval:org.secpod.oval:def:62404 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7 : On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary cod ... oval:org.secpod.oval:def:62407 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7 : Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that wi ... oval:org.secpod.oval:def:65692 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-43. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:65693 Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : Mozilla developer Jason Kratzer reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have bee ... oval:org.secpod.oval:def:65696 Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. oval:org.secpod.oval:def:65697 Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site ... oval:org.secpod.oval:def:65698 Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function <code>APZCTreeManager::ComputeClippedCompositionBounds</cod ... oval:org.secpod.oval:def:74579 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:605629 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:75233 Mozilla Firefox 93, Mozilla Firefox ESR 91.2 and Thunderbird 91.2 : Through use of code reportValidity()/code and code window.open()/code , a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. oval:org.secpod.oval:def:75231 Mozilla Firefox 93, Mozilla Firefox ESR 91.2 and Thunderbird 91.2 : In the crossbeam crate, one or more tasks in the worker queue could have been be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this could have caused a double free and a ... oval:org.secpod.oval:def:75237 Mozilla Firefox 93, Mozilla Firefox ESR 91.2 and Thunderbird 91.2 : Mozilla developers and community members Kevin Brosnan, Mihai Alexandru Michis, and Christian Holler reported memory safety bugs present in Firefox 92 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and ... oval:org.secpod.oval:def:75234 Mozilla Firefox 93, Mozilla Firefox ESR 91.2 and Thunderbird 91.2 : During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:75240 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-45 and is prone to multiple vulnerabilities. The flas are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified impa ... oval:org.secpod.oval:def:75232 Mozilla Firefox 93, Mozilla Firefox ESR 78.15, Mozilla Firefox ESR 91.2, Thunderbird 78.15 and Thunderbird 91.2 : During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:75239 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-44 and is prone to multiple vulnerabilities. The flas are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified impa ... oval:org.secpod.oval:def:75236 Mozilla Firefox 93, Mozilla Firefox ESR 78.15, Mozilla Firefox ESR 91.2, Thunderbird 78.15 and Thunderbird 91.2 : Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Firefox 92 and Firefox ESR 91.2. Some of these bugs showed evidence o ... oval:org.secpod.oval:def:75779 Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked in ... oval:org.secpod.oval:def:75778 Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections o ... oval:org.secpod.oval:def:75777 Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. oval:org.secpod.oval:def:75776 Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:75775 Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. oval:org.secpod.oval:def:75783 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-49 and is prone to multiple vulnerabilities. The flas are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified impa ... oval:org.secpod.oval:def:75781 Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : The executable file warning was not presented when downloading .inetloc files, which can run commands on a user's computer. oval:org.secpod.oval:def:75780 Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. oval:org.secpod.oval:def:77712 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-05 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ... oval:org.secpod.oval:def:77715 Mozilla Firefox 97, Mozilla Firefox ESR 91.6 : If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. oval:org.secpod.oval:def:77717 Mozilla Firefox 97, Mozilla Firefox ESR 91.6 : If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. oval:org.secpod.oval:def:77718 Mozilla Firefox 97, Mozilla Firefox ESR 91.6 : If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. oval:org.secpod.oval:def:605882 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:77719 Mozilla Firefox 97, Mozilla Firefox ESR 91.6 : When importing resources using Web Workers, error messages would distinguish the difference between application responses and non-script responses. This could have been abused to learn information cross-origin. oval:org.secpod.oval:def:77720 Mozilla Firefox 97, Mozilla Firefox ESR 91.6 : Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. oval:org.secpod.oval:def:77721 Mozilla Firefox 91.6 : When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. oval:org.secpod.oval:def:77722 Mozilla Firefox 97, Mozilla Firefox ESR 91.6 : Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some ... oval:org.secpod.oval:def:78127 Mozilla Firefox 98, Mozilla Firefox ESR 91.7.0 or Mozilla Thunderbird 91.7.0: An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. oval:org.secpod.oval:def:78129 Mozilla Firefox 98, Mozilla Firefox ESR 91.7.0 or Mozilla Thunderbird 91.7.0: When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. oval:org.secpod.oval:def:78130 Mozilla Firefox 98, Mozilla Firefox ESR 91.7.0 or Mozilla Thunderbird 91.7.0: If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. oval:org.secpod.oval:def:78132 Mozilla Firefox ESR 91.7.0 or Mozilla Thunderbird 91.7.0: Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior was reverted t ... oval:org.secpod.oval:def:78133 Mozilla Firefox 98, Mozilla Firefox ESR 91.7.0 or Mozilla Thunderbird 91.7.0: When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. oval:org.secpod.oval:def:78135 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-11 and is prone to a multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified ... oval:org.secpod.oval:def:88343 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:80397 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:88370 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:88383 Multiple security issues have been found in the Mozilla Firefox web browser, which could result in spoofing. oval:org.secpod.oval:def:83378 The host is missing a high severity security update according to Mozilla advisory, MFSA2022-35. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:83379 The host is missing a high severity security update according to Mozilla advisory, MFSA2022-34. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:83381 Mozilla Firefox 104.0, Mozilla Firefox ESR 91.13 or 102.2 and Mozilla Thunderbird 91.13 or 102.2: An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into sub ... oval:org.secpod.oval:def:83382 Mozilla Firefox 104.0, Mozilla Firefox ESR 91.13 or 102.2 and Mozilla Thunderbird 91.13 or 102.2 : A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). oval:org.secpod.oval:def:83384 Mozilla Firefox ESR 102.2 and Mozilla Thunderbird 102.2: A data race could occur in the PK11_ChangePW function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. oval:org.secpod.oval:def:83385 Mozilla Firefox 104.0, Mozilla Firefox ESR 102.2 and Mozilla Thunderbird 102.2: Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enoug ... oval:org.secpod.oval:def:83386 Mozilla Firefox 104.0, Mozilla Firefox ESR 91.13 or 102.2 and Mozilla Thunderbird 91.13 or 102.2 : Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume tha ... oval:org.secpod.oval:def:88395 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:88407 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, CSP bypass or session fixation. Debian follows the extended support releases of Firefox. Support for the 91.x series has ended, so starting with this updat ... oval:org.secpod.oval:def:85590 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-48 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:85592 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or le ... oval:org.secpod.oval:def:85593 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Through a series of popup and codewindow.print()/code calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. oval:org.secpod.oval:def:85594 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Freeing arbitrary codensIInputStream/code's on a different thread than creation could have led to a use-after-free and potentially exploitable crash. oval:org.secpod.oval:def:85595 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitab ... oval:org.secpod.oval:def:85597 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. oval:org.secpod.oval:def:85598 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: The garbage collector could have been aborted in several states and zones and code GCRuntime::finishCollection /code may not have been called, leading to a use-after-free and potentially exploitable crash oval:org.secpod.oval:def:85599 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: When a ServiceWorker intercepted a request with code FetchEvent/code, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was a ... oval:org.secpod.oval:def:85600 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly) ... oval:org.secpod.oval:def:85601 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: When resolving a symlink such as codefile:///proc/self/fd/1/code, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. oval:org.secpod.oval:def:85603 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. oval:org.secpod.oval:def:85605 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. oval:org.secpod.oval:def:85607 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Using tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. oval:org.secpod.oval:def:85608 Mozilla Firefox 107, Mozilla Firefox ESR 102.5 or Mozilla Thunderbird 102.5: Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effor ... oval:org.secpod.oval:def:9619 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle an HTM ... oval:org.secpod.oval:def:9620 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a craft ... oval:org.secpod.oval:def:9625 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to ensure thread safet ... oval:org.secpod.oval:def:9626 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to ... oval:org.secpod.oval:def:9628 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle some unspecified ve ... oval:org.secpod.oval:def:9632 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to arbitrary code execution vulnerability. A flaw is present in the applications, which fail to prevent modifica ... oval:org.secpod.oval:def:9633 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted web page ... oval:org.secpod.oval:def:9634 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to ... oval:org.secpod.oval:def:9637 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted XBL fi ... oval:org.secpod.oval:def:9640 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle some un ... oval:org.secpod.oval:def:9642 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly enforc ... oval:org.secpod.oval:def:9644 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to remote code executio vulnerability. A flaw is present in the applications, which fail to properly interact wi ... oval:org.secpod.oval:def:9648 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-03. The update is required to fix stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle an HTML document that specifies invalid width and height values. Successfu ... oval:org.secpod.oval:def:9649 The host is missing a security update according to Mozilla advisory, MFSA 2013-07. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to ensure thread safety for SSL sessions. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:9652 The host is missing a security update according to Mozilla advisory, MFSA 2013-14. The update is required to fix arbitrary code execution vulnerability. A flaw is present in the applications, which fail to prevent modifications to the prototype of an object. Successful exploitation allows remote att ... oval:org.secpod.oval:def:9653 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-19. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted web page referencing JavaScript Proxy objects that are not properly handled du ... oval:org.secpod.oval:def:9654 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-18. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to the domDoc pointer. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:9657 The host is missing a security update according to Mozilla advisory, MFSA 2013-13. The update is required to fix memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted XBL file with multiple bindings that have SVG content. Successful exploitation allow ... oval:org.secpod.oval:def:9661 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-08. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to properly interact with garbage collection. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:9663 The host is missing a security update according to Mozilla advisory, MFSA 2013-10. The update is required to fix same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly enforce the Same Origin Policy. Successful exploitation allows remote attackers to c ... oval:org.secpod.oval:def:9932 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 and SeaMonkey before 2.16 and is prone to information disclosure vulnerability. A flaw is present in the applications, which fail to prevent JavaScrip ... oval:org.secpod.oval:def:9933 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to information disclosure vulnerability. A flaw is present in the applications, which fail to prevent modificati ... oval:org.secpod.oval:def:9947 The host is missing a security update according to Mozilla advisory, MFSA 2013-24. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to prevent modifications to a prototype. Successful exploitation allows remote attackers to obtain ... oval:org.secpod.oval:def:9948 The host is missing a security update according to Mozilla advisory, MFSA 2013-25. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to prevent JavaScript workers from reading the browser-profile directory name. Successful exploitat ... oval:org.secpod.oval:def:16377 Mozilla community member Ms2ger found a mechanism where a new Javascript object with a compartment is uninitialized could be entered through web content. When the scope for this object is called, it leads to a potentially exploitable crash. oval:org.secpod.oval:def:9931 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle the the nsImageLoad ... oval:org.secpod.oval:def:9930 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 and SeaMonkey before 2.16 and is prone to address spoofing vulnerability. A flaw is present in the applications, which fail to handle a proxy server t ... oval:org.secpod.oval:def:16370 Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a ... oval:org.secpod.oval:def:16371 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ... oval:org.secpod.oval:def:16374 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free problem in the Animation Manager during the cloning of stylesheets. This can lead to a potentially exploitable crash. oval:org.secpod.oval:def:9936 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle the nsS ... oval:org.secpod.oval:def:9938 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted document ... oval:org.secpod.oval:def:9944 The host is missing a security update according to Mozilla advisory, MFSA 2013-28. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain functions. Successful exploitation allows remote attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:9943 The host is missing a security update according to Mozilla advisory, MFSA 2013-21. The update is required to fix multiple memory safety vulnerabilities. The flaws are present in the applications, which fail to handle certain unspecified vectors. Successful exploitation allows remote attackers to cau ... oval:org.secpod.oval:def:16388 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application cra ... oval:org.secpod.oval:def:9941 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to multiple memory safety vulnerabilities. The flaws are present in the applications, which fail to handle certa ... oval:org.secpod.oval:def:16385 Security researcher Nils reported two potentially exploitable memory corruption bugs involving scrolling. The first was a use-after-free condition due to scrolling an image document. The second was due to nodes in a range request being added as children of two different parents. oval:org.secpod.oval:def:16386 Mozilla developer Boris Zbarsky reported that user-defined getters on DOM proxies would incorrectly get the expando object as this . It is unlikely that this is directly exploitable but could lead to JavaScript client or add-on code making incorrect security sensitive decisions based on hacker supp ... oval:org.secpod.oval:def:16383 Security researcher Sachin Shinde reported that moving certain XBL-backed nodes from a document into the replacement document created by document.open() can cause a JavaScript compartment mismatch which can often lead to exploitable conditions. Starting with Firefox 20 this condition was turned ... oval:org.secpod.oval:def:16384 Security researcher Aki Helin reported that combining lists, floats, and multiple columns could trigger a potentially exploitable buffer overflow. oval:org.secpod.oval:def:9949 The host is missing a security update according to Mozilla advisory, MFSA 2013-26. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle the the nsImageLoadingContent::OnStopContainer function. Successful exploitation allows remote at ... oval:org.secpod.oval:def:16356 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application c ... oval:org.secpod.oval:def:16367 Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site ... oval:org.secpod.oval:def:16363 Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks ... oval:org.secpod.oval:def:16364 The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks ... oval:org.secpod.oval:def:16392 Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:16395 Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging ... oval:org.secpod.oval:def:16335 Security researcher Cody Crews reported that some Javascript components will perform checks against the wrong uniform resource identifier (URI) before performing security sensitive actions. This will return an incorrect location for the originator of the call. This could be used to bypass same-orig ... oval:org.secpod.oval:def:16332 Mozilla security researcher moz_bug_r_a4 reported a mechanism to execute arbitrary code or a cross-site scripting (XSS) attack when Certificate Request Message Format (CRMF) request is generated in certain circumstances. oval:org.secpod.oval:def:16338 Security researcher Georgi Guninski reported an issue with Java applets where in some circumstances the applet could access files on the local system when loaded using the a file:/// URI and violate file origin policy due to interaction with the codebase parameter. This affects applets running on ... oval:org.secpod.oval:def:16339 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execu ... oval:org.secpod.oval:def:16336 Mozilla community member Federico Lanusse reported a mechanism where a web worker can violate same-origin policy and bypass cross-origin checks through XMLHttpRequest. This could allow for cross-site scripting (XSS) attacks by web workers. oval:org.secpod.oval:def:16331 Mozilla security researcher moz_bug_r_a4 reported that through an interaction of frames and browser history it was possible to make the browser believe attacker-supplied content came from the location of a previous page in browser history. This allows for cross-site scripting (XSS) attacks by loadi ... oval:org.secpod.oval:def:16346 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possib ... oval:org.secpod.oval:def:16343 Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via ... oval:org.secpod.oval:def:16344 The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execut ... oval:org.secpod.oval:def:16349 The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possi ... oval:org.secpod.oval:def:16347 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks ... oval:org.secpod.oval:def:16341 Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denia ... oval:org.secpod.oval:def:16342 Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corru ... oval:org.secpod.oval:def:16312 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ... oval:org.secpod.oval:def:16313 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free problems rated critical as security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. ... oval:org.secpod.oval:def:16316 Security researcher Nils reported that specially crafted web content using the onreadystatechange event and reloading of pages could sometimes cause a crash when unmapped memory is executed. This crash is potentially exploitable. oval:org.secpod.oval:def:16317 Security researcher Johnathan Kuskos reported that Firefox is sending data in the body of XMLHttpRequest (XHR) HEAD requests, which goes against the XHR specification. This can potentially be used for Cross-Site Request Forgery (CSRF) attacks against sites which do not distinguish between HEAD and ... oval:org.secpod.oval:def:9950 The host is missing a security update according to Mozilla advisory, MFSA 2013-27. The update is required to fix address spoofing vulnerability. A flaw is present in the applications, which fail to handle a proxy server that provides a 407 HTTP status code accompanied by web script. Successful explo ... oval:org.secpod.oval:def:16314 Security researcher Mariusz Mlynski reported that it is possible to compile a user-defined function in the XBL scope of a specific element and then trigger an event within this scope to run code. In some circumstances, when this code is run, it can access content protected by System Only Wrappers ( ... oval:org.secpod.oval:def:16322 Mozilla security researcher moz_bug_r_a4 reported that XrayWrappers can be bypassed to call content-defined toString and valueOf methods through DefaultValue . This can lead to unexpected behavior when privileged code acts on the incorrect values. oval:org.secpod.oval:def:16326 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ... oval:org.secpod.oval:def:16318 Security researcher Paul Stone of Context Information Security discovered that timing differences in the processing of SVG format images with filters could allow for pixel values to be read. This could potentially allow for text values to be read across domains, leading to information disclosure. oval:org.secpod.oval:def:16319 Mozilla developer Boris Zbarsky found that when PreserveWrapper was used in cases where a wrapper is not set, the preserved-wrapper flag on the wrapper cache is cleared. This could potentially lead to an exploitable crash. oval:org.secpod.oval:def:10673 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to integer signedness error vulnerability. A flaw is present in the applications, which fail to handle crafted v ... oval:org.secpod.oval:def:10680 The host is installed with Mozilla Firefox before 20.0 or SeaMonkey before 2.17 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and ot ... oval:org.secpod.oval:def:10681 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handl ... oval:org.secpod.oval:def:10683 The host is missing a security update according to Mozilla advisory, MFSA 2013-36. The update is required to fix security bypass vulnerability. A flaw is present in the applications, which fail to prevent use of the cloneNode method for cloning a protected node. Successful exploitation allows remote ... oval:org.secpod.oval:def:10684 The host is missing a security update according to Mozilla advisory, MFSA 2013-37. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to prevent origin spoofing of tab-modal dialogs. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:10685 The host is missing a security update according to Mozilla advisory, MFSA 2013-38. The update is required to fix cross site scripting vulnerability. A flaw is present in the applications, which fail to ensure the correctness of the address bar during history navigation. Successful exploitation allow ... oval:org.secpod.oval:def:10675 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to security bypass vulnerability. A flaw is present in the applications, which fail to prevent use of the cloneN ... oval:org.secpod.oval:def:10677 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to cross site scripting vulnerability. A flaw is present in the applications, which fail to ensure the correctne ... oval:org.secpod.oval:def:10679 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to out of bounds memory corruption vulnerability. A flaw is present in the applications, which fail to handle a ... oval:org.secpod.oval:def:10686 The host is missing a security update according to Mozilla advisory, MFSA 2013-39. The update is required to fix memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle color profiles during PNG rendering. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:10687 The host is missing a security update according to Mozilla advisory, MFSA 2013-40. The update is required to fix out of bounds memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted certificate. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:10688 The host is missing a security update according to Mozilla advisory, MFSA 2013-30. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle vectors related to the nsContentUtils::HoldJSObjects function and the nsAuto ... oval:org.secpod.oval:def:10689 The host is missing a security update according to Mozilla advisory, MFSA 2013-31. The update is required to fix integer signedness error vulnerability. A flaw is present in the applications, which fail to handle crafted values that trigger attempted use of a negative box boundary or negative box si ... oval:org.secpod.oval:def:9659 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-12. The update is required to fix Integer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted string concatenation, leading to improper memory allocation. Successful expl ... oval:org.secpod.oval:def:9656 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-16. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle crafted web content. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:9655 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-17. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors that involve the triggering of garbage collection after memory allocation for li ... oval:org.secpod.oval:def:9650 The host is missing a security update according to Mozilla advisory, MFSA 2013-04. The update is required to fix URL spoofing vulnerability. A flaw is present in the applications, which fail to handle vectors involving authentication information in the userinfo field of a URL. Successful exploitatio ... oval:org.secpod.oval:def:9651 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-15. The update is required to fix privilege escalation vulnerability. A flaw is present in the applications, which fail to handle improper interaction between plugin objects and SVG elements. Successful exploitat ... oval:org.secpod.oval:def:9664 The host is missing a security update according to Mozilla advisory, MFSA 2013-11. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to prevent calling the toString function of an XBL object. Successful exploitation allows remote at ... oval:org.secpod.oval:def:9660 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-05. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle an HTML document with a table containing many columns and column groups. Successful expl ... oval:org.secpod.oval:def:9662 The host is missing a security update according to Mozilla advisory, MFSA 2013-09. The update is required to fix denial of service vulnerability. A flaw is present in the applications, which fail to properly implement quickstubs that use the jsval data type for their return values. Successful exploi ... oval:org.secpod.oval:def:9636 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9635 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9631 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to privilege escalation vulnerability. A flaw is present in the ... oval:org.secpod.oval:def:9639 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to Integer overflow vulnerability. A flaw is present in the appl ... oval:org.secpod.oval:def:9630 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to URL spoofing vulnerability. A flaw is present in the applicat ... oval:org.secpod.oval:def:16400 Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of serv ... oval:org.secpod.oval:def:9647 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-01. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors and memory. Successful exploitation allows attackers to execute arbitra ... oval:org.secpod.oval:def:9646 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-02. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors and memory. Successful exploitation allows attackers to execute arbitrar ... oval:org.secpod.oval:def:16404 The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vect ... oval:org.secpod.oval:def:9643 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to denial of service vulnerability. A flaw is present in the app ... oval:org.secpod.oval:def:16405 Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intend ... oval:org.secpod.oval:def:16402 Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats wit ... oval:org.secpod.oval:def:9645 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:16403 Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related ... oval:org.secpod.oval:def:9641 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to information disclosure vulnerability. A flaw is present in th ... oval:org.secpod.oval:def:9624 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9627 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9623 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to denial of service vulnerability. A flaw is present in the app ... oval:org.secpod.oval:def:9622 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to multiple unspecified vulnerabilities. The flaws are present i ... oval:org.secpod.oval:def:10396 The host is installed with Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4 or SeaMonkey before 2.16.1 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involvi ... oval:org.secpod.oval:def:10397 The host is missing a security update according to Mozilla advisory, MFSA 2013-29. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving an execCommand call. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:11220 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving an onresize event during ... oval:org.secpod.oval:def:11221 The host is missing a security update according to Mozilla advisory, MFSA 2013-46. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving an onresize event during the playing of a video. Successful exploitation allows ... oval:org.secpod.oval:def:11224 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which fail to prevent acquisition of chrome privile ... oval:org.secpod.oval:def:11214 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to invalid write operation vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory ... oval:org.secpod.oval:def:11215 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to out of Bounds Read vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Suc ... oval:org.secpod.oval:def:11216 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to out of bounds read vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Suc ... oval:org.secpod.oval:def:11217 The host is missing a security update according to Mozilla advisory, MFSA 2013-48. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors related to memory. Successful exploitation allows attackers to execute arbitrary ... oval:org.secpod.oval:def:11218 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to information disclosure vulnerability. A flaw is present in the applications, which fail to properly initialize data structures for t ... oval:org.secpod.oval:def:11219 The host is missing a security update according to Mozilla advisory, MFSA 2013-47. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEv ... oval:org.secpod.oval:def:11225 The host is missing a security update according to Mozilla advisory, MFSA 2013-42. The update is required to fix cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which fail to prevent acquisition of chrome privileges during calls to content level constructors. Success ... oval:org.secpod.oval:def:11227 The host is missing a security update according to Mozilla advisory, MFSA 2013-41. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to properly handle certain unknown vectors. Successful exploitation allows attackers to cause a ... oval:org.secpod.oval:def:11228 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which oval:org.secpod.oval:def:11211 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Success ... oval:org.secpod.oval:def:11212 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Success ... oval:org.secpod.oval:def:11213 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Success ... oval:org.secpod.oval:def:20632 The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolong ... oval:org.secpod.oval:def:20630 Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event. oval:org.secpod.oval:def:20631 Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library. oval:org.secpod.oval:def:20625 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. oval:org.secpod.oval:def:20621 Mozilla community member John reported a crash in the Skia library when scaling high quality images if the scaling operation takes too long. This is caused by the image data being discarded while still in use by the scaling operation. This crash is potentially exploitable on some systems. oval:org.secpod.oval:def:20614 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:20618 Security researcher Jethro Beekman of the University of California, Berkeley reported a crash when the FireOnStateChange event is triggered in some circumstances. This leads to a use-after-free and a potentially exploitable crash when it occurs. oval:org.secpod.oval:def:20619 Developer Patrick Cozzi reported a crash in some circumstances when using the Cesium JavaScript library to generate WebGL content. Mozilla developers determined that this crash is potentially exploitable. oval:org.secpod.oval:def:16302 The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct bu ... oval:org.secpod.oval:def:16306 Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before ... oval:org.secpod.oval:def:16304 Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code ... oval:org.secpod.oval:def:17841 Security researcher Nils discovered a use-after-free error in which the imgLoader object is freed while an image is being resized. This results in a potentially exploitable crash. oval:org.secpod.oval:def:17840 Mozilla security researcher moz_bug_r_a4 reported a method to use browser navigations through history to load a website with that page"s baseURI property pointing to that of another site instead of the seemingly loaded one. The user will continue to see the incorrect site in the addressbar of the b ... oval:org.secpod.oval:def:17845 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:17843 Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a use-after-free during host resolution in some circumstances. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:17839 Security researcher Mariusz Mlynski discovered an issue where sites that have been given notification permissions by a user can bypass security checks on source components for the Web Notification API. This allows for script to be run in a privileged context through notifications, leading to arbitr ... oval:org.secpod.oval:def:17836 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a buffer overflow when a script uses a non-XBL object as an XBL object because the XBL status of the object is not properly validated. The resulting memory corruption is potent ... oval:org.secpod.oval:def:17853 The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for ... oval:org.secpod.oval:def:17856 Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap m ... oval:org.secpod.oval:def:17855 Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corru ... oval:org.secpod.oval:def:17854 The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site ... oval:org.secpod.oval:def:17849 The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:17848 Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. oval:org.secpod.oval:def:16311 The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attacke ... oval:org.secpod.oval:def:16309 The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16307 Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute a ... oval:org.secpod.oval:def:16308 Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitr ... oval:org.secpod.oval:def:23569 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4 or SeaMonkey before 2.32 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation allows attac ... oval:org.secpod.oval:def:23576 The host is missing a security update according to Mozilla advisory, MFSA 2015-06. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted track data. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:23575 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4 or SeaMonkey before 2.32 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted track data. Successful exploitation allows attackers to execute arbitra ... oval:org.secpod.oval:def:23572 The host is missing a security update according to Mozilla advisory, MFSA 2015-04. The update is required to fix a session-fixation vulnerability. A flaw is present in the applications, which do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Requ ... oval:org.secpod.oval:def:23571 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4 or SeaMonkey before 2.32 and is prone to a session-fixation vulnerability. A flaw is present in the applications, which do not properly interpret Set-Cookie headers within responses that hav ... oval:org.secpod.oval:def:23570 The host is missing a security update according to Mozilla advisory, MFSA 2015-03. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation allows attackers to bypass intended CORS access-co ... oval:org.secpod.oval:def:23564 The host is missing a security update according to Mozilla advisory, MFSA 2015-01. The update is required to fix to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to cause a denial of ser ... oval:org.secpod.oval:def:23562 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4 or SeaMonkey before 2.32 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows ... oval:org.secpod.oval:def:23989 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation could allow attackers to bypass i ... oval:org.secpod.oval:def:23988 The host is missing a critical security update according to Mozilla advisory, MSFA-2015-40. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving anchor navigation. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:23987 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving anchor navigation. Successful exploitation could allow atta ... oval:org.secpod.oval:def:23995 The host is missing a critical security update according to Mozilla advisory, MSFA-2015-30. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to cause a de ... oval:org.secpod.oval:def:23993 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to ca ... oval:org.secpod.oval:def:20000 Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruptio ... oval:org.secpod.oval:def:23992 The host is missing a critical security update according to Mozilla advisory, MSFA-2015-33. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not properly restrict resource: URLs. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:23991 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not properly restrict resource: URLs. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:23990 The host is missing a critical security update according to Mozilla advisory, MSFA-2015-37. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation could allow attackers to bypass intended ... oval:org.secpod.oval:def:23973 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-28. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not properly handle vectors involving SVG hash navigation. Successful exploitation could allow at ... oval:org.secpod.oval:def:23972 The host is installed with Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3 or SeaMonkey before 2.33.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not properly handle vectors involving SVG hash navigation. Successful exploitation coul ... oval:org.secpod.oval:def:23971 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-29. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which do not properly determine the cases in which bounds checking may be safely skipped during ... oval:org.secpod.oval:def:23970 The host is installed with Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2 or SeaMonkey before 2.33.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which do not properly determine the cases in which bounds checking may be safely skipp ... oval:org.secpod.oval:def:21358 Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1 ... oval:org.secpod.oval:def:21356 Antoine Delignat-Lavaud , security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is ... oval:org.secpod.oval:def:16258 Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrupt ... oval:org.secpod.oval:def:16255 Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via ... oval:org.secpod.oval:def:16259 Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by trig ... oval:org.secpod.oval:def:16251 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:16261 The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. oval:org.secpod.oval:def:17329 The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash ... oval:org.secpod.oval:def:17327 The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different d ... oval:org.secpod.oval:def:19986 Mozilla developers and community identified identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least som ... oval:org.secpod.oval:def:16238 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ... oval:org.secpod.oval:def:19987 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a number of use-after-free and out of bounds read issues using the Address Sanitizer tool. These issues are potentially exploitable, allowing for remote code execution. oval:org.secpod.oval:def:17320 The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and appli ... oval:org.secpod.oval:def:16247 Security researchers Tyson Smith and JesseSchwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a user-after-free in the functions for synthetic mouse movement handling. Security researcher Atte Kettunen from OUSPG also repor ... oval:org.secpod.oval:def:17335 vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:17334 TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (h ... oval:org.secpod.oval:def:16245 Security researchers Tyson Smith and JesseSchwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a mechanism where inserting an ordered list into a document through script could lead to a potentially exploitable crash that can ... oval:org.secpod.oval:def:17333 Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage co ... oval:org.secpod.oval:def:19997 Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. oval:org.secpod.oval:def:19993 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. oval:org.secpod.oval:def:16242 Security researchers Tyson Smith and JesseSchwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a user-after-free when interacting with event listeners from the mListeners array. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:17332 Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. oval:org.secpod.oval:def:16243 Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a use-after-free problem in the table editing user interface of the editor during garbage collection. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:17331 The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. oval:org.secpod.oval:def:17330 Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF docu ... oval:org.secpod.oval:def:19990 Security researcher Nils used the Address Sanitizer to discover a use-after-free problem with the SMIL Animation Controller when interacting with and rendering improperly formed web content. This causes a potentially exploitable crash. oval:org.secpod.oval:def:16293 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an access violation due to uninitialized data during Extensible Stylesheet Language Transformation (XSLT) processing. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16294 Compiler Engineer Dan Gohman of Google discovered a flaw in the JavaScript engine where memory was being incorrectly allocated for some functions and the calls for allocations were not always properly checked for overflow, leading to potential buffer overflows. When combined with other vulnerabilit ... oval:org.secpod.oval:def:16291 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ... oval:org.secpod.oval:def:16298 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corrupt ... oval:org.secpod.oval:def:16296 Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16288 Security researcher Nils used the Address Sanitizer tool while fuzzing to discover missing strong references in browsing engine leading to use-after-frees. This can lead to a potentially exploitable crash. oval:org.secpod.oval:def:16289 Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash. oval:org.secpod.oval:def:17302 Security researcher Atte Kettunen from OUSPG reported an out of bounds read during the decoding of WAV format audio files for playback. This could allow web content access to heap data as well as causing a crash. oval:org.secpod.oval:def:17300 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:17314 Security research firm VUPEN , via TippingPoint"s Pwn2Own contest, reported that memory pressure during Garbage Collection could lead to memory corruption of TypeObjects in the JS engine, resulting in an exploitable use-after-free condition. oval:org.secpod.oval:def:17313 Security researcher Mariusz Mlynski , via TippingPoint"s Pwn2Own contest, reported that it is possible for untrusted web content to load a chrome-privileged page by getting JavaScript-implemented WebIDL to call window.open() . A second bug allowed the bypassing of the popup-blocker without user inte ... oval:org.secpod.oval:def:17312 Mozilla developer Robert O"Callahan reported a mechanism for timing attacks involving SVG filters and displacements input to feDisplacementMap . This allows displacements to potentially be correlated with values derived from content. This is similar to the previously reported techniques used for SV ... oval:org.secpod.oval:def:17311 Security researcher John Thomson discovered a memory corruption in the Cairo graphics library during font rendering of a PDF file for display. This memory corruption leads to a potentially exploitable crash and to a denial of service (DOS). This issues is not able to be triggered in a default confi ... oval:org.secpod.oval:def:17317 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:17316 Security researcher George Hotz , via TippingPoint"s Pwn2Own contest, discovered an issue where values are copied from an array into a second, neutered array. This allows for an out-of-bounds write into memory, causing an exploitable crash leading to arbitrary code execution. oval:org.secpod.oval:def:17315 Security researcher Juri Aedla , via TippingPoint"s Pwn2Own contest, reported that TypedArrayObject does not handle the case where ArrayBuffer objects are neutered, setting their length to zero while still in use. This leads to out-of-bounds reads and writes into the JavaScript heap, allowing for ... oval:org.secpod.oval:def:17310 Security researcher Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover an out-of-bounds read during polygon rendering in MathML. This can allow web content to potentially read protected memory addresse ... oval:org.secpod.oval:def:21048 Security researcher Holger Fuhrmannek discovered an out-of-bounds read during the creation of an audio timeline in Web Audio. This results in a crash and could allow for the reading of random memory values. oval:org.secpod.oval:def:21049 Security researcher regenrecht reported, via TippingPoint"s Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. oval:org.secpod.oval:def:21038 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vecto ... oval:org.secpod.oval:def:21046 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free during cycle collection. This was found in interactions with the SVG content through the document object model (DOM) with animating SVG content. This leads to ... oval:org.secpod.oval:def:21047 Google security researcher Michal Zalewski discovered that when a malformated GIF image is rendered in certain circumstances, memory is not properly initialized before use. The resulting image then uses this memory during rendering. This could allow for the a script in web content to access this uni ... oval:org.secpod.oval:def:21044 Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interactio ... oval:org.secpod.oval:def:21045 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:21042 Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated wi ... oval:org.secpod.oval:def:21043 The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory ... oval:org.secpod.oval:def:21040 Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute ... oval:org.secpod.oval:def:21041 Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation w ... oval:org.secpod.oval:def:23686 The host is missing an important security update according to Mozilla advisory, MFSA-2015-24. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fails to properly handle crafted JavaScript code. Successful exploitation could allow atta ... oval:org.secpod.oval:def:23685 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to properly handle crafted JavaScript code. Successful exploitation could allo ... oval:org.secpod.oval:def:17835 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a fixed offset out of bounds read issue while decoding specifically formatted JPG format images. This causes a non-exploitable crash. oval:org.secpod.oval:def:17833 Mozilla developers and community identified identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least som ... oval:org.secpod.oval:def:21439 The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information ... oval:org.secpod.oval:def:21437 The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm. oval:org.secpod.oval:def:21435 Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and la ... oval:org.secpod.oval:def:21433 The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bo ... oval:org.secpod.oval:def:21434 The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are im ... oval:org.secpod.oval:def:21440 content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations ... oval:org.secpod.oval:def:21428 Mozilla developer Boris Zbarsky reported that a malicious app could use the AlarmAPI to read the values of cross-origin references, such as an iframe"s location object, as part of an alarm"s JSON data. This allows a malicious app to bypass same-origin policy. oval:org.secpod.oval:def:21427 Mozilla developers Eric Shepherd and Jan-Ivar Bruaroey reported issues with privacy and video sharing using WebRTC. Once video sharing has started within a WebRTC session running within an iframe , video will continue to be shared even if the user selects the Stop Sharing button in the controls. T ... oval:org.secpod.oval:def:21424 Using the Address Sanitizer tool, security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team found an out-of-bounds write when buffering WebM format video containing frames with invalid tile sizes. This can lead to a potentially exploitable crash during WebM video playback. oval:org.secpod.oval:def:21425 Security researcher regenrecht reported, via TippingPoint"s Zero Day Initiative, a use-after-free during text layout when interacting with text direction. This results in a crash which can lead to arbitrary code execution. oval:org.secpod.oval:def:21422 Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a buffer overflow when making capitalization style changes during CSS parsing. This can cause a crash that is potentially exploitable. oval:org.secpod.oval:def:21423 Security researcher Holger Fuhrmannek used the used the Address Sanitizer tool to discover an out-of-bounds read issue with Web Audio when interacting with custom waveforms with invalid values. This results in a crash and could allow for the reading of random memory which may contain sensitive data ... oval:org.secpod.oval:def:21432 Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization sty ... oval:org.secpod.oval:def:21430 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vecto ... oval:org.secpod.oval:def:21421 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:23669 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fails to properly handle crafted content during IndexedDB index creation. Successful exploit ... oval:org.secpod.oval:def:23676 The host is missing a security update according to Mozilla advisory, MFSA-2015-19. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fails to properly handle a malformed SVG graphic. Successful exploitation could allow attackers di ... oval:org.secpod.oval:def:23675 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fails to properly handle a malformed SVG graphic. Successful exploitation could a ... oval:org.secpod.oval:def:23670 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-16. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fails to properly handle crafted content during IndexedDB index creation. Successful exploitation co ... oval:org.secpod.oval:def:23662 The host is missing a critical security update according to Mozilla advisory, MFSA2015-11. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:23660 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:38138 The host is installed with Mozilla Firefox before 50.0.2, Firefox ESR before 45.5.1 or Thunderbird 45.x before 45.5.1 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:38139 The host is missing a critical security update according to Mozilla advisory, MFSA2016-92. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute remote code. oval:org.secpod.oval:def:33501 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.7 and is prone to a spoofing vulnerability. A flaw is present in the browser/base/content/browser.js in Mozilla Firefox, which fails to handle a javascript: URL. Successful exploitation allows remote attackers to sp ... oval:org.secpod.oval:def:35546 The host is missing an important security update according to Mozilla advisory, MFSA2016-53. The update is required to fix an out-of-bounds write vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to cause out-of ... oval:org.secpod.oval:def:35547 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR 48.x before 48.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to cause out-of-bounds write or cra ... oval:org.secpod.oval:def:25576 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not properly determine state transitions for the TLS st ... oval:org.secpod.oval:def:25577 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-71. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not properly determine state transitions for the TLS state machine. Successful exploitation could ... oval:org.secpod.oval:def:25578 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to multiple vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could ... oval:org.secpod.oval:def:25579 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-59. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to cause deni ... oval:org.secpod.oval:def:38870 The host is missing a critical security update according to Mozilla advisory, MFSA2017-02. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:38615 The host is installed with Mozilla Firefox from 48.0 before 50.1 or Firefox ESR from 45.3 before 45.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to properly handle external resources that should be blocked when loaded by SVG images. Successful ... oval:org.secpod.oval:def:38850 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- Use-after-free while manipulating XSL in XSLT documents oval:org.secpod.oval:def:38851 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content ... oval:org.secpod.oval:def:38852 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- A potential use-after-free found through fuzzing during DOM manipulation of SVG content. oval:org.secpod.oval:def:38853 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. oval:org.secpod.oval:def:38854 Mozilla Firefox before 51.0 or Firefox ESR before 45.7 :- WebExtension scripts can use the data: protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. oval:org.secpod.oval:def:38855 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. oval:org.secpod.oval:def:38856 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. oval:org.secpod.oval:def:38848 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- Mozilla developers and community members reported memory safety bugs present in Firefox and Firefox ESR. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of ... oval:org.secpod.oval:def:38849 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird 45.x before 45.7 :- JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. oval:org.secpod.oval:def:32465 The host is missing an important security update according to Mozilla advisory, MFSA2015-147. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle MP4 video file with crafted covr metadata that triggers a buffer overflow ... oval:org.secpod.oval:def:32458 The host is missing a security update according to Mozilla advisory, MFSA2015-138. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle data channel that has been closed by a WebRTC function. Successful exploitation allows remote ... oval:org.secpod.oval:def:33520 The host is missing an important security update according to Mozilla advisory, MFSA2016-28. The update is required to fix an unspecified vulnerability. A flaw is present in the applications, which fails to handle a crafted NPAPI plugin. Successful exploitation allows remote attackers to spoof the a ... oval:org.secpod.oval:def:33517 The host is missing an important security update according to Mozilla advisory, MFSA2016-25. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fails to handle WebRTC data-channel connections. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:33513 The host is missing an important security update according to Mozilla advisory, MFSA2016-21. The update is required to fix an unspecified vulnerability. A flaw is present in the applications, which fails to handle a javascript: URL. Successful exploitation allows remote attackers to spoof the addres ... oval:org.secpod.oval:def:32478 The host is installed with Mozilla Firefox before 43.0 or Firefox ESR 38.x before 38.5 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle data channel that has been closed by a WebRTC function. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:32468 The host is installed with Mozilla Firefox before 43.0 or Firefox ESR 38.x before 38.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle MP4 video file with crafted covr metadata that triggers a buffer overflow. Successful exploita ... oval:org.secpod.oval:def:40131 The host is missing a critical security update according to Mozilla advisory, MFSA2017-11. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:40132 The host is missing a critical security update according to Mozilla advisory, MFSA2017-12. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:32968 The host is installed with Mozilla Firefox before 43.0, Mozilla Thunderbird 38.x before 38.6 or Firefox ESR 38.x before 38.6.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation ... oval:org.secpod.oval:def:32967 The host is installed with Mozilla Firefox before 43.0, Mozilla Thunderbird 38.x before 38.6 or Firefox ESR 38.x before 38.6.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation a ... oval:org.secpod.oval:def:39171 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. oval:org.secpod.oval:def:39172 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- Mozilla developers and community members reported memory safety bugs present in Firefox, Firefox ESR and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough ... oval:org.secpod.oval:def:39170 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. oval:org.secpod.oval:def:39168 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and ... oval:org.secpod.oval:def:39169 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. oval:org.secpod.oval:def:39164 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. oval:org.secpod.oval:def:39165 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitable. oval:org.secpod.oval:def:39166 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- A use-after-free can occur when events are fired for a FontFace object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. oval:org.secpod.oval:def:39167 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.x before 45.8 :- A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. oval:org.secpod.oval:def:40114 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write during Base64 decoding operation in the Network Security Services (NSS) library due to insufficient memory being allocated to the buffer. This results in a potentially exploita ... oval:org.secpod.oval:def:26463 The host is missing an important security update according to Mozilla advisory, MFSA2015-82. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly impose certain ECMAScript 6 requirements on JavaScript object properties ... oval:org.secpod.oval:def:26466 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to properly handle inconsistent sample formats within MP3 audio data. Successful exploitation allows remote at ... oval:org.secpod.oval:def:26467 The host is missing an important security update according to Mozilla advisory, MFSA2015-80. The update is required to fix an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to properly handle inconsistent sample formats within MP3 audio data. Successful exploitat ... oval:org.secpod.oval:def:26460 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to properly handle crafted MPEG-4 video data with H.264 encoding. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:26462 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly impose certain ECMAScript 6 requirements on JavaScript object properties. Successful exploit ... oval:org.secpod.oval:def:26461 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to multiple integer overflows vulnerability. The flaws are present in the applications, which fail to properly handle a crafted saio chunk in MPEG-4 video data. Successful exploitation allows remote a ... oval:org.secpod.oval:def:38431 The host is missing a critical security update according to Mozilla advisory, MFSA2016-95. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:26449 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to properly handle malformed WebM video data. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:26453 The host is missing a security update according to Mozilla advisory, MFSA2015-87. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuf ... oval:org.secpod.oval:def:26452 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer objec ... oval:org.secpod.oval:def:38429 The host is installed with Mozilla Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle add or remove of sub-documents. Successful exploitation allows remote attackers to crash the s ... oval:org.secpod.oval:def:26451 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle malformed WebM video data. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:26450 The host is missing a critical security update according to Mozilla advisory, MFSA2015-89. The update is required to fix buffer overflow vulnerabilities. The flaws are present in the applications, which fail to properly handle malformed WebM video data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:38420 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Mozilla Thunderbird before 45.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle a vector constructor with a varying array within libGLES. Success ... oval:org.secpod.oval:def:38421 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle manipulation of DOM subtrees in the Editor. Successful exploitation allows ... oval:org.secpod.oval:def:38422 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle manipulation of DOM events and removing audio elements. Successful exploita ... oval:org.secpod.oval:def:38423 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to properly handle external resources that should be blocked when loaded by SVG images. Succes ... oval:org.secpod.oval:def:38424 The host is installed with Mozilla Firefox before 50.1 or Firefox ESR before 45.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to sanitize HTML tags received from the Pocket server and any JavaScript code executed will be run in the about:pocket- ... oval:org.secpod.oval:def:38425 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to determine whether an atom is used by another compartment/zone in specific contexts. ... oval:org.secpod.oval:def:26439 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle an invalid size field in an esds chunk in MPEG-4 video data. Successful exploitation c ... oval:org.secpod.oval:def:25594 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which misinterpret an unspecified IDBDatabase field as a pointer. Successful exploitation could a ... oval:org.secpod.oval:def:26442 The host is missing an important security update according to Mozilla advisory, MFSA2015-92. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle a SharedWorker object that makes recursive calls to the open method of an X ... oval:org.secpod.oval:def:25595 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-61. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which misinterpret an unspecified IDBDatabase field as a pointer. Successful exploitation could ... oval:org.secpod.oval:def:26441 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object ... oval:org.secpod.oval:def:25596 The host is installed with Mozilla Firefox before 39.0 or Firefox ESR 38.x before 38.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which do not properly calculate an oscillator rendering range. Successful exploitation could allow attackers to obtai ... oval:org.secpod.oval:def:25597 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-62. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which do not properly calculate an oscillator rendering range. Successful exploitation could allow ... oval:org.secpod.oval:def:25598 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful ex ... oval:org.secpod.oval:def:25599 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-64. The update is required to fix an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful e ... oval:org.secpod.oval:def:38418 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation allows remote attackers to run a ... oval:org.secpod.oval:def:38419 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a content security policy (CSP) bypass vulnerability. A flaw is present in the applications, which fail to properly handle event handlers on marquee tag. Successful exploitation ... oval:org.secpod.oval:def:25590 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow ... oval:org.secpod.oval:def:25592 The host is installed with Mozilla Firefox before 39.0 or Firefox ESR 38.x before 38.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted web site that is accessed with unspecified mouse and keyboard actions. Successful ex ... oval:org.secpod.oval:def:26440 The host is missing a critical security update according to Mozilla advisory, MFSA2015-83. The update is required to fix multiple overflow vulnerabilities. The flaws are present in the applications, which fail to properly handle an invalid size field in an esds chunk in MPEG-4 video data. Successful ... oval:org.secpod.oval:def:25593 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-60. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted web site that is accessed with unspecified mouse and keyboard act ... oval:org.secpod.oval:def:25583 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which access unintended memory locations. Successful exploitation c ... oval:org.secpod.oval:def:25584 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which read data from uninitialized memory locations. Successful exp ... oval:org.secpod.oval:def:25585 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which read data from uninitialized memory locations. Successful exp ... oval:org.secpod.oval:def:25586 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which access unintended memory locations. Successful exploitation c ... oval:org.secpod.oval:def:25587 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation co ... oval:org.secpod.oval:def:25588 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving attachment of an XMLHttpRequest object to a shared worker. Successfu ... oval:org.secpod.oval:def:25589 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-65. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving attachment of an XMLHttpRequest object to a shared worker. Successf ... oval:org.secpod.oval:def:25580 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which read data from uninitialized memory locations. Successful exp ... oval:org.secpod.oval:def:25581 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-66. The update is required to fix unspecified vulnerabilities. The flaws are present in the applications, which read data from uninitialized memory locations. Successful exploitation could allow attackers to caus ... oval:org.secpod.oval:def:25582 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which access unintended memory locations. Successful exploitation c ... oval:org.secpod.oval:def:31609 The host is missing an important security update according to Mozilla advisory, MFSA2015-130. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle a crafted Java applet. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:31608 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle a crafted Java applet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:30743 The host is missing an important security update according to Mozilla advisory, MFSA2015-95. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted data: URL. Successful exploitation could allow attackers to bypass an inte ... oval:org.secpod.oval:def:30740 The host is installed with Mozilla Firefox before 40.0.3 or Firefox ESR 38.x before 38.2.1 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute arbitrary code by leveragi ... oval:org.secpod.oval:def:30741 The host is missing an important security update according to Mozilla advisory, MFSA2015-94. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:30742 The host is installed with Mozilla Firefox before 40.0.3 or Firefox ESR 38.x before 38.2.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted data: URL. Successful exploitation could allow attackers to bypass an intended user-confir ... oval:org.secpod.oval:def:30738 The host is installed with Mozilla Firefox before 39.0.3 or Firefox ESR 38.x before 38.1.1 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving crafted JavaScript code and a native setter. Successful exploitation cou ... oval:org.secpod.oval:def:30739 The host is missing an important security update according to Mozilla advisory, MFSA2015-78. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving crafted JavaScript code and a native setter. Successful ... oval:org.secpod.oval:def:33497 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.7 and is prone to an use-after-free vulnerability. A flaw is present in the mozilla::DataChannelConnection::Close function in Mozilla Firefox, which fails to handle WebRTC data-channel connections. Successful exploi ... oval:org.secpod.oval:def:33494 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.7 and is prone to a spoofing vulnerability. A flaw is present in the applications, which fails to a navigation sequence that returns to the original page. Successful exploitation allows remote attackers to spoof the ... oval:org.secpod.oval:def:24715 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a large amount of compressed XML data. Successful exploitation could allow atta ... oval:org.secpod.oval:def:24716 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted SVG graphics data in conjunction with a crafted Cascading ... oval:org.secpod.oval:def:24717 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle a document containing crafted text in conjunction with a Cascading Style Sheets ... oval:org.secpod.oval:def:24718 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to caus ... oval:org.secpod.oval:def:1800216 CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP CVE-2017-5376: Use-after-free in XSL CVE-2017-5378: Pointer and frame data leakage of Javascript objects CVE-2017-5380: Potential use-after-free durin ... oval:org.secpod.oval:def:39190 The host is missing a critical security update according to Mozilla advisory, MFSA2017-06. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:25602 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving attachment of an XMLHttpRequest object to a dedicated worker. Succes ... oval:org.secpod.oval:def:25603 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not enforce key pinning upon encountering an X.509 certificate problem th ... oval:org.secpod.oval:def:25604 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-67. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dial ... oval:org.secpod.oval:def:25605 The host is installed with Mozilla Firefox before 39.0 or Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which enable excessive privileges for internal Workers. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:25606 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-69. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which enable excessive privileges for internal Workers. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:25600 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle client-side JavaScript that triggers removal of a DOM object ... oval:org.secpod.oval:def:25601 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-63. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle client-side JavaScript that triggers removal of a DOM object on the basis of a Conten ... oval:org.secpod.oval:def:24725 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-46. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to cause a de ... oval:org.secpod.oval:def:24726 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-48. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted SVG graphics data in conjunction with a crafted Cascading Style ... oval:org.secpod.oval:def:24729 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-51. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) ... oval:org.secpod.oval:def:24731 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-54. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a large amount of compressed XML data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:34240 The host is missing an important security update according to Mozilla advisory, MFSA2016-47. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the JavaScript .watch() method, which can be used to overflow the 32-bit generation count of the underlying HashM ... oval:org.secpod.oval:def:34239 The host is installed with Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8 or 45.x before 45.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the JavaScript .watch() method, which can be used to overflow the 32-bit generation count of the underlying HashMap ... oval:org.secpod.oval:def:34233 The host is installed with Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8 or 45.x before 45.1 and is prone to a heap buffer overflow vulnerability. A flaw is present in the libstagefright library, which fails to handle CENC offsets and the sizes table. Successful exploitation allows remot ... oval:org.secpod.oval:def:34234 The host is missing an important security update according to Mozilla advisory, MFSA2016-44. The update is required to fix a heap buffer overflow vulnerability. A flaw is present in the libstagefright library, which fails to handle CENC offsets and the sizes table. Successful exploitation allows rem ... oval:org.secpod.oval:def:37295 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly manipulate SVG format content through script. Successful exploitation allows ... oval:org.secpod.oval:def:37294 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly manage changing text direction. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:37292 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a heap-buffer-overflow vulnerability. A flaw is present in the applications, which fail to properly encode image frames to images. Successful exploitation allows remote att ... oval:org.secpod.oval:def:37291 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a heap-use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle web animations when destroying a timeline. Successful exploitation ... oval:org.secpod.oval:def:37290 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle web animations. Successful exploitation allows remote attackers to exe ... oval:org.secpod.oval:def:37298 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a malicious add-on injection vulnerability. A flaw is present in the applications, which fail to properly handle mis-issued certificate for a Mozilla web site. Successful e ... oval:org.secpod.oval:def:37285 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle text conversion with some unicode characters. Successful ex ... oval:org.secpod.oval:def:37289 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a heap-use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle an attribute. Successful exploitation allows remote attackers to e ... oval:org.secpod.oval:def:37287 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to cast layout with input elements. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:602753 Multiple security issues have been found in the Mozilla Firefox web browser: Memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or privilege escalation. oval:org.secpod.oval:def:602696 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or information leaks. oval:org.secpod.oval:def:602687 A use-after-free vulnerability in the SVG Animation was discovered in the Mozilla Firefox web browser, allowing a remote attacker to cause a denial of service or execute arbitrary code, if a user is tricked into opening a specially crafted website. oval:org.secpod.oval:def:35553 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR 48.x before 48.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:35551 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR 48.x before 48.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:35552 The host is missing a critical security update according to Mozilla advisory, MFSA2016-50. The update is required to fix a buffer overflow vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:36640 The host is missing an important security update according to Mozilla advisory, MFSA2016-80. The update is required to fix a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to a handle local HTML file and saved shortcut file. Successful exploitation allows ... oval:org.secpod.oval:def:35550 The host is missing an important security update according to Mozilla advisory, MFSA2016-51. The update is required to fix an use-after-free vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:36639 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to a handle local HTML file and saved shortcut file. Successful exploitation allows remote attackers to bypas ... oval:org.secpod.oval:def:35548 The host is missing an important security update according to Mozilla advisory, MFSA2016-52. The update is required to fix an addressbar spoofing vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to mask the tru ... oval:org.secpod.oval:def:36638 The host is missing an important security update according to Mozilla advisory, MFSA2016-79. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash the servic ... oval:org.secpod.oval:def:35549 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR 48.x before 48.2 and is prone to an addressbar spoofing vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to mask the true site URL, allowing ... oval:org.secpod.oval:def:36637 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:36636 The host is missing an important security update according to Mozilla advisory, MFSA2016-78. The update is required to fix a type confusion vulnerability. A flaw is present in the applications, which fail to properly check bounds. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:36635 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a type confusion vulnerability. A flaw is present in the applications, which fail to properly check bounds. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:36634 The host is missing an important security update according to Mozilla advisory, MFSA2016-77. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle malformed video file due to incorrect error handling. Successful exploitation allows ... oval:org.secpod.oval:def:36633 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle malformed video file due to incorrect error handling. Successful exploitation allows remote attackers to exec ... oval:org.secpod.oval:def:36632 The host is missing an important security update according to Mozilla advisory, MFSA2016-76. The update is required to fix a cross-site scripting vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to execute scr ... oval:org.secpod.oval:def:36631 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to execute scripts on marquee tag in sa ... oval:org.secpod.oval:def:35540 The host is missing an important security update according to Mozilla advisory, MFSA2016-56. The update is required to fix an use-after-free vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to cause potentially ... oval:org.secpod.oval:def:35541 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR 48.x before 48.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to cause potentially exploitable crash w ... oval:org.secpod.oval:def:35537 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR 48.x before 48.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to escalate permissions, spoofing a ... oval:org.secpod.oval:def:36626 The host is missing an important security update according to Mozilla advisory, MFSA2016-73. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle a nested sync event. Successful exploitation allows remote attackers to crash the se ... oval:org.secpod.oval:def:36625 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle a nested sync event. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:35536 The host is missing an important security update according to Mozilla advisory, MFSA2016-58. The update is required to fix a privilege escalation vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to escalate per ... oval:org.secpod.oval:def:36624 The host is missing an important security update according to Mozilla advisory, MFSA2016-72. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle DTLS objects in memory that are freed while still actively in use during WebRTC sess ... oval:org.secpod.oval:def:37305 The host is missing a critical security update according to Mozilla advisory, MFSA2016-86. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:37303 The host is installed with Mozilla Firefox ESR before 45.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle an error in WebSockets during data buffering on incoming packets. Successful exploitation allows remote attackers to exec ... oval:org.secpod.oval:def:37302 The host is installed with Mozilla Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle URLs of resources loaded after a navigation started. Successful exploitation allows ... oval:org.secpod.oval:def:37301 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows remote attackers to exe ... oval:org.secpod.oval:def:36623 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle DTLS objects in memory that are freed while still actively in use during WebRTC session shutdown. Successful ... oval:org.secpod.oval:def:36620 The host is missing an important security update according to Mozilla advisory, MFSA2016-70. The update is required to fix an use-after-free vulnerability. A flaw is present in the application, which fails to handle alt key used in conjunction with toplevel menu items. Successful exploitation allows ... oval:org.secpod.oval:def:36619 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to handle alt key used in conjunction with toplevel menu items. Successful exploitation allows remote attackers to cras ... oval:org.secpod.oval:def:36616 The host is missing an important security update according to Mozilla advisory, MFSA2016-67. The update is required to fix a stack underflow vulnerability. A flaw is present in the application, which improperly calculates clipping regions in 2D graphics. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:36615 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a stack underflow vulnerability. A flaw is present in the applications, which improperly calculate clipping regions in 2D graphics. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:36612 The host is missing an important security update according to Mozilla advisory, MFSA2016-64. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which improperly render SVG format graphics with directional content. Successful exploitation allows remo ... oval:org.secpod.oval:def:36611 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which improperly render SVG format graphics with directional content. Successful exploitation allows remote attackers to crash the ... oval:org.secpod.oval:def:36610 The host is missing an important security update according to Mozilla advisory, MFSA2016-63. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to disclose ... oval:org.secpod.oval:def:36609 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to disclose information, such as tra ... oval:org.secpod.oval:def:602813 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service. oval:org.secpod.oval:def:38081 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to run ... oval:org.secpod.oval:def:38080 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a unspecified vulnerability. A flaw is present in the applications, which is due to an existing mitigation of timing side-channel attacks is insufficient in some circumstan ... oval:org.secpod.oval:def:38078 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle large amounts of incoming data. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:38077 The host is installed with Mozilla Firefox before 50.0 or Firefox ESR before 45.5 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the applications, which fail to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. Successful ... oval:org.secpod.oval:def:38076 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle argument length checking in JavaScript. Successful exploitation allows remote ... oval:org.secpod.oval:def:38075 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a heap-buffer-overflow vulnerability. A flaw is present in the applications, which fail to properly process SVG content. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:38079 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle local HTML file and saved shortcut file. Successful exploitation allo ... oval:org.secpod.oval:def:602622 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:602673 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. Also, a man-in-the-middle attack in the addon update mechanism ... oval:org.secpod.oval:def:38094 The host is missing a critical security update according to Mozilla advisory, MFSA2016-90. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:53110 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of CS ... oval:org.secpod.oval:def:602935 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing. Debian follows the extended support releases ... oval:org.secpod.oval:def:603119 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site scripting or bypass of the phishing and malware prot ... oval:org.secpod.oval:def:53186 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service or bypass of the same origin policy. oval:org.secpod.oval:def:1800541 CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements CVE-2017-7779: Memory safety bugs CVE-2017-7784: Use-after-free with image observers CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM CVE-2017-7786: Buffer overflow while painting non-displayable SVG CVE-2 ... oval:org.secpod.oval:def:603174 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service or bypass of the same origin policy. oval:org.secpod.oval:def:1800537 CVE-2017-7793: Use-after-free with Fetch API CVE-2017-7818: Use-after-free during ARIA array manipulation CVE-2017-7819: Use-after-free while resizing images in design mode CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE CVE-2017-7805: Use-after-free in TLS 1.2 generat ... oval:org.secpod.oval:def:53148 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site scripting or bypass of the phishing and malware prot ... oval:org.secpod.oval:def:602854 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service. oval:org.secpod.oval:def:603248 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, integer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or URL spoofing. oval:org.secpod.oval:def:603043 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of CS ... oval:org.secpod.oval:def:53235 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, integer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or URL spoofing. oval:org.secpod.oval:def:45957 The host is installed with Google Chrome before 67.0.3396.62, Mozilla Firefox before 60.0.2, Firefox-esr before 52.8.1 or 60.0.x before 60.0.2 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which failes to properly handle SVG file with anti-aliasing turne ... oval:org.secpod.oval:def:45958 The host is missing a critical security update according to Mozilla advisory, MFSA2018-14. The update is required to fix heap buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application. oval:org.secpod.oval:def:53347 Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code. oval:org.secpod.oval:def:603317 Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code. oval:org.secpod.oval:def:603312 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service or information disclosure. oval:org.secpod.oval:def:603333 It was discovered that a use-after-free in the compositor of Firefox can result in the execution of arbitrary code. oval:org.secpod.oval:def:53360 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site request forgery or information disclosure. oval:org.secpod.oval:def:45516 Mozilla Firefox before 60.0 or Firefox ESR before 52.8 : Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party w ... oval:org.secpod.oval:def:45517 Mozilla Firefox before 60.0 or Firefox ESR before 52.8 : The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. oval:org.secpod.oval:def:44721 Mozilla Firefox ESR before 52.7 or Thunderbird before 52.7 : An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. oval:org.secpod.oval:def:44722 Mozilla Firefox ESR before 52.7 or Thunderbird before 52.7 : Mozilla developers reported memory safety bugs present in Firefox ESR. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. oval:org.secpod.oval:def:44733 The host is missing a critical security update according to Mozilla advisory, MFSA2018-07. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:44714 Mozilla Firefox before 59.0, Firefox ESR before 52.7 or Thunderbird before 52.7 : Mozilla developers and community members reported memory safety bugs present in Firefox and Firefox ESR. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these ... oval:org.secpod.oval:def:44715 Mozilla Firefox before 59.0, Firefox ESR before 52.7 or Thunderbird before 52.7 : A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash. oval:org.secpod.oval:def:44716 Mozilla Firefox before 59.0, Firefox ESR before 52.7 or Thunderbird before 52.7 : A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. oval:org.secpod.oval:def:44717 Mozilla Firefox before 59.0 or Firefox ESR before 52.7 : When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. oval:org.secpod.oval:def:44718 Mozilla Firefox before 59.0 or Firefox ESR before 52.7 : Under certain circumstances the fetch() API can return transient local copies of resources that were sent with a no-store or no-cache cache header instead of downloading a copy from the network as it should. This can result in previously store ... oval:org.secpod.oval:def:603421 Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code. oval:org.secpod.oval:def:46130 The host is missing a critical security update according to Mozilla advisory, MFSA2018-16. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application. oval:org.secpod.oval:def:46136 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:46135 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 60.1: An integer overflow can occur in the SwizzleData while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable cr ... oval:org.secpod.oval:def:46138 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross ... oval:org.secpod.oval:def:603440 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site request forgery or information disclosure. oval:org.secpod.oval:def:46137 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing ... oval:org.secpod.oval:def:46131 The host is missing a critical security update according to Mozilla advisory, MFSA2018-17. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application. oval:org.secpod.oval:def:46134 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A use-after-free vulnerability can occur when deleting an code input/code element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. oval:org.secpod.oval:def:46133 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A buffer overflow can occur when rendering canvas content while adjusting the height and width of the 'canvas' element dynamically, causing data to be written outside of the currently computed boundaries. This results i ... oval:org.secpod.oval:def:46139 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. oval:org.secpod.oval:def:46141 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 60.1: In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work, PerformanceNavigationTiming was not adjusted but it w ... oval:org.secpod.oval:def:46140 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. oval:org.secpod.oval:def:46147 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 60.1: Mozilla developers and community members Christian Holler, Sebastian Hengst, Nils Ohlmeier, Jon Coppeard, Randell Jesup, Ted Campbell, Gary Kwong, and Jean-Yves Avenard reported memory safety bugs present in Firefox 60 and Firef ... oval:org.secpod.oval:def:46148 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David Major, Jon Coppeard, Nicolas B. Pierron, Jason Kratzer, Marcia Knous, and Ronald Crane reported memory safety ... oval:org.secpod.oval:def:46142 Mozilla Firefox 61 , Mozilla Firefox ESR 60.1: WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. oval:org.secpod.oval:def:46145 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occuring. This can result in stream data being cast to the wrong type causing a potentially exploitable cra ... oval:org.secpod.oval:def:46144 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 60.1 : An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable ... oval:org.secpod.oval:def:53281 Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code. oval:org.secpod.oval:def:53288 It was discovered that a use-after-free in the compositor of Firefox can result in the execution of arbitrary code. oval:org.secpod.oval:def:69880 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:44764 Mozilla Firefox before 59.0.1 or Firefox ESR before 52.7.2 : An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. oval:org.secpod.oval:def:44765 The host is missing a critical security update according to Mozilla advisory, MFSA2018-08. The update is required to fix out-of-bound memory write vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the se ... oval:org.secpod.oval:def:44776 Mozilla Firefox before 59.0.2 or Firefox ESR before 52.7.3 : A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. oval:org.secpod.oval:def:44777 The host is missing a important security update according to Mozilla advisory, MFSA2018-10. The update is required to fix use-after-free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:53276 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service or information disclosure. oval:org.secpod.oval:def:603538 Two security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code inside the sandboxed content process. oval:org.secpod.oval:def:53433 Two security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code inside the sandboxed content process. oval:org.secpod.oval:def:53410 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases of Firefox. Support for the 52.x series has ended, so starting ... oval:org.secpod.oval:def:53427 Two security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code and local information disclosure. oval:org.secpod.oval:def:603506 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases of Firefox. Support for the 52.x series has ended, so starting ... oval:org.secpod.oval:def:603529 Two security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code and local information disclosure. oval:org.secpod.oval:def:47382 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. oval:org.secpod.oval:def:47381 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. oval:org.secpod.oval:def:47380 Mozilla Firefox 62Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : Mozilla developers and community members Alex Gaynor, Boris Zbarsky, Christoph Diehl, Christian Holler, Jason Kratzer, Jed Davis, Tyson Smith, Bogdan Tara, Karl Tomlinson, Mats Palmgren, Nika Layzell, Ted Campbell, and Andrei C ... oval:org.secpod.oval:def:47869 The host is missing a critical security update according to Mozilla advisory, MFSA2018-24. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:47868 Mozilla Firefox 62.0.3, Mozilla Firefox ESR 60.2.2 : A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. oval:org.secpod.oval:def:47870 Mozilla Firefox 62.0.3, Mozilla Firefox ESR 60.2.2 : A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as ... oval:org.secpod.oval:def:53515 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:53538 Mozilla Firefox 66.0.1, Mozilla Firefox ESR 60.6.1 : Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. oval:org.secpod.oval:def:53537 The host is missing a critical security update according to Mozilla advisory, MFSA2019-10. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:53539 Mozilla Firefox 66.0.1, Mozilla Firefox ESR 60.6.1 : Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. oval:org.secpod.oval:def:603829 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:50462 The host is missing a critical security update according to Mozilla advisory, MFSA2019-02. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:50463 Mozilla Firefox 65, Mozilla Firefox ESR 60.5 and Mozilla Thunderbird 60.5: A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. oval:org.secpod.oval:def:50464 Mozilla Firefox 64, Mozilla Firefox ESR 60.4 and Mozilla Thunderbird 60.5: Mozilla developers and community members Alex Gaynor, Christoph Diehl, Steven Crane, Jason Kratzer, Gary Kwong, and Christian Holler reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs s ... oval:org.secpod.oval:def:50468 Mozilla Firefox 65, Mozilla Firefox ESR 60.5 and Mozilla Thunderbird 60.5: An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insuffic ... oval:org.secpod.oval:def:603833 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:53501 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation. oval:org.secpod.oval:def:603618 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation. oval:org.secpod.oval:def:603637 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:603552 Multiple security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code, privilege escalation or information disclosure. oval:org.secpod.oval:def:603588 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy. oval:org.secpod.oval:def:53446 Multiple security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code, privilege escalation or information disclosure. oval:org.secpod.oval:def:53477 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy. oval:org.secpod.oval:def:53020 The host is missing a critical security update according to Mozilla advisory, MFSA2019-08. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:53021 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : Mozilla developers and community members Bob Clary, Chun-Min Chang, Aral Yaman, Andreea Pavel, Jonathan Kew, Gary Kwong, Alex Gaynor, Masayuki Nakano, and Anne van Kesteren reported memory safety bugs present in Firefox 65 and Firefox ESR 60.5. Some of ... oval:org.secpod.oval:def:53024 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacem ... oval:org.secpod.oval:def:53023 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. oval:org.secpod.oval:def:53026 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which ... oval:org.secpod.oval:def:53025 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : The IonMonkey just-in-time (JIT) compiler can leak an internal codeJS_OPTIMIZED_OUT/code magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exp ... oval:org.secpod.oval:def:53028 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller ... oval:org.secpod.oval:def:53027 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. oval:org.secpod.oval:def:55535 The host is missing a critical security update according to Mozilla advisory, MFSA2019-18. The update is required to fix a type confusion vulnerability. A flaw is present in the application, which fails to handle issues in Array.pop. Successful exploitation allows remote attackers to peform an explo ... oval:org.secpod.oval:def:55534 Mozilla Firefox 65.0.1, Mozilla Firefox ESR 60.5.1, Mozilla Thunderbird 60.7.2: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:603946 Samuel Gross discovered a type confusion bug in the JavaScript engine of the Mozilla Firefox web browser, which could result in the execution of arbitrary code when browsing a malicious website. oval:org.secpod.oval:def:69923 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69950 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:69936 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration or cross-site scripting. oval:org.secpod.oval:def:69961 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:604804 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:604786 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:59820 Mozilla Firefox 71, Mozilla Firefox ESR 68.3 and Mozilla Thunderbird 68.3: The plain text serializer used a fixed-size array for the number of elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:59821 Mozilla Firefox 71, Mozilla Firefox ESR 68.3 and Mozilla Thunderbird 68.3: When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. oval:org.secpod.oval:def:59816 The host is missing a high severity security update according to Mozilla advisory, MFSA2019-37. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the browser. oval:org.secpod.oval:def:59817 Mozilla Firefox 71, Mozilla Firefox ESR 68.3 and Mozilla Thunderbird 68.3: When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable ... oval:org.secpod.oval:def:59823 Mozilla Firefox 71, Mozilla Firefox ESR 68.3 and Mozilla Thunderbird 68.3: Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. oval:org.secpod.oval:def:59824 Mozilla Firefox 71, Mozilla Firefox ESR 68.3 and Mozilla Thunderbird 68.3: Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. oval:org.secpod.oval:def:59825 Mozilla Firefox 71, Mozilla Firefox ESR 68.3 and Mozilla Thunderbird 68.3: Mozilla developers Christoph Diehl, Nathan Froyd, Jason Kratzer, Christian Holler, Karl Tomlinson, Tyson Smith reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memo ... oval:org.secpod.oval:def:604834 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:69858 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:69847 A security issue was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:605497 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing. oval:org.secpod.oval:def:95196 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:612643 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:95170 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:93319 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:16249 Google security researcher Michal Zalewski reported issues with JPEG format image processing with Start Of Scan (SOS) and Define HuffmanTable (DHT) markers in the libjpeg library. This could allow for the possible reading of arbitrary memory content as well as cross-domain image theft. oval:org.secpod.oval:def:16068 The host is installed with Google Chrome before 31.0.1650.48, Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2 or SeaMonkey before 2.23 and is prone to an information disclosure vulnerability. The flaw is present in get_dht function in jdmarker.c, which fails to pro ... oval:org.secpod.oval:def:16067 The host is installed with Mono Framework before 4.8.1, Google Chrome before 31.0.1650.48, Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2 or SeaMonkey before 2.23 and is prone to an information disclosure vulnerability. The flaw is present in get_sos function in j ... oval:org.secpod.oval:def:95180 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, spoofing or sandbox bypass. oval:org.secpod.oval:def:93982 Mozilla Firefox 119, Mozilla Firefox ESR 115.4, and Thunderbird 115.4.1 : A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. oval:org.secpod.oval:def:612660 A buffer overflow in parsing WebP images may result in the execution of arbitrary code. oval:org.secpod.oval:def:93050 The host is installed with Google Chrome before 117.0.5938.62, Microsoft Edge before 117.0.2045.31, Mozilla Firefox before 117.0.1, Mozilla Firefox ESR 102.15.1 or 115.0 before 115.2.1, Mozilla Thunderbird 102.15.1 or 115.0 before 115.2.1, Opera Browser before 102.0.4880.51, Skype before 8.105.0.208 ... oval:org.secpod.oval:def:95206 A buffer overflow in parsing WebP images may result in the execution of arbitrary code. oval:org.secpod.oval:def:93355 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:93335 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass. oval:org.secpod.oval:def:27020 The host is missing a security update according to Mozilla advisory, MFSA 2015-96. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to properly handle unknown vectors. Successful exploitation could allow attackers to crash the ... oval:org.secpod.oval:def:27019 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27010 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted VP9 file. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:27011 The host is missing a security update according to Mozilla advisory, MFSA 2015-101. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted VP9 file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:27005 The host is missing a critical security update according to Mozilla advisory, MFSA 2015-106. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code that modifies the URI table of a media element. Suc ... oval:org.secpod.oval:def:27004 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code that modifies the URI table of a media element. Successful exploitation ... oval:org.secpod.oval:def:27001 The host is missing an important security update according to Mozilla advisory, MFSA 2015-105. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted header in a WebM video. Successful exploitation coul ... oval:org.secpod.oval:def:27000 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted header in a WebM video. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:33510 The host is missing an important security update according to Mozilla advisory, MFSA2016-17. The update is required to fix denial of service vulnerability. A flaw is present in the applications, which fails to prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report. ... oval:org.secpod.oval:def:33504 The host is installed with Mozilla Firefox before 45.0, Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox, which fails to prev ... oval:org.secpod.oval:def:33507 The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.4 or Mozilla Firefox before 45.0, Firefox Thunderbird or Firefox ESR 38.x before 38.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the Mozilla Network Security Services (NSS), which fails to ... oval:org.secpod.oval:def:33506 The host is installed with Mozilla Firefox before 45.0,Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the browser engine in Mozilla Firefox, which fails to handle via unknown vectors. Successful exploitatio ... oval:org.secpod.oval:def:33502 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a memory consumption vulnerability. A flaw is present in the libstagefright in Mozilla Firefox, which fails to handle an MPEG-4 file that triggers a delete ope ... oval:org.secpod.oval:def:33509 The host is missing an important security update according to Mozilla advisory, MFSA2016-16. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle via unknown vectors. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:602531 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. Wait, Firefox? No more references to Iceweasel? That"s right, Debian no longer applies ... oval:org.secpod.oval:def:34228 The host is installed with Mozilla Firefox ESR 38.x before 38.8, Mozilla Firefox before 46.0, Mozilla Thunderbird 38.x before 38.8 or 45.x before 45.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitati ... oval:org.secpod.oval:def:34229 The host is missing an important security update according to Mozilla advisory, MFSA2016-39. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to e ... oval:org.secpod.oval:def:34226 The host is installed with Mozilla Firefox before 46.0 or Firefox ESR 45.x before 45.1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to execute arbitrary code or crash th ... oval:org.secpod.oval:def:35555 The host is installed with Mozilla Firefox before 47.0, Mozilla Thunderbird 8.x before 48.2 or Firefox ESR 48.x before 48.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:34225 The host is installed with Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, 45.x before 45.1 Mozilla Firefox before 46.0, Mozilla Thunderbird 38.x before 38.8 or 45.x before 45.1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle ... oval:org.secpod.oval:def:35554 The host is missing a critical security update according to Mozilla advisory, MFSA2016-49. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to run ... oval:org.secpod.oval:def:32464 The host is missing an important security update according to Mozilla advisory, MFSA2015-145. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted WebRTC RTP packet. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:32459 The host is missing a security update according to Mozilla advisory, MFSA2015-139. The update is required to fix an integer overflow vulnerability. A flaw is present in the applications, which fail to handle large texture allocation. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:32452 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to handle a crafted MP4 video file that triggers a buffer overflow. Successful ex ... oval:org.secpod.oval:def:32454 The host is missing a security update according to Mozilla advisory, MFSA2015-134. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow remote attackers to cause a deni ... oval:org.secpod.oval:def:32453 The host is missing an important security update according to Mozilla advisory, MFSA2015-146. The update is required to fix an integer overflow vulnerability. A flaw is present in the applications, which fails to handle a crafted MP4 video file that triggers a buffer overflow. Successful exploitatio ... oval:org.secpod.oval:def:33526 The host is missing an important security update according to Mozilla advisory, MFSA2016-35. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the Mozilla Network Security Services (NSS), which fails to handle crafted ASN.1 data in an X.509 certificate. S ... oval:org.secpod.oval:def:33528 The host is missing an important security update according to Mozilla advisory, MFSA2016-37. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle a crafted graphite smart font. Successful exploitation allows remote attackers to caus ... oval:org.secpod.oval:def:33523 The host is missing an important security update according to Mozilla advisory, MFSA2016-31. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fails to handle a crafted NPAPI plugin. Successful exploitation allows remote attackers to execut ... oval:org.secpod.oval:def:33525 The host is missing an important security update according to Mozilla advisory, MFSA2016-34. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fails to handle a crafted Unicode data in an HTML, XML, or SVG document. Successful exploitation ... oval:org.secpod.oval:def:33516 The host is missing an important security update according to Mozilla advisory, MFSA2016-24. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fails to handle a root element, aka ZDI-CAN-3574. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:33515 The host is missing an important security update according to Mozilla advisory, MFSA2016-23. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fails to handle end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545. Successf ... oval:org.secpod.oval:def:33512 The host is missing an important security update according to Mozilla advisory, MFSA2016-20. The update is required to fix denial of service vulnerability. A flaw is present in the applications, which fails to handle an MPEG-4 file that triggers a delete operation on an array. Successful exploitatio ... oval:org.secpod.oval:def:33519 The host is missing an important security update according to Mozilla advisory, MFSA2016-27. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fails to handle XML transformations. Successful exploitation allows remote attackers to execute arb ... oval:org.secpod.oval:def:36608 The host is missing an important security update according to Mozilla advisory, MFSA2016-62. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to e ... oval:org.secpod.oval:def:36607 The host is installed with Mozilla Firefox before 48.0, Mozilla Thunderbird 45.x before 45.3 or Firefox ESR before 45.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to r ... oval:org.secpod.oval:def:32485 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:32484 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:32481 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted WebRTC RTP packet. Successful exploitation allows remote ... oval:org.secpod.oval:def:32476 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle large texture allocation. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:32475 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle data: and view-source: URIs. Successful exploitation allows remo ... oval:org.secpod.oval:def:32467 The host is missing a critical security update according to Mozilla advisory, MFSA2015-149. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle data: and view-source: URIs. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:32970 The host is installed with Mozilla Firefox before 43.0, Mozilla Thunderbird 38.x before 38.6 or Firefox ESR 38.x before 38.6.1 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation allows ... oval:org.secpod.oval:def:32969 The host is missing an important security update according to Mozilla advisory, MFSA2016-14. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted graphite smart font. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:31623 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle crafted OCTET STRING data. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:31624 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unspecified vectors. Successful exploitation could allow attackers to execute arbitrary code ... oval:org.secpod.oval:def:31625 The host is missing a critical security update according to Mozilla advisory, MFSA2015-133. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to properly handle unspecified vectors. Successful exploitation could allow atta ... oval:org.secpod.oval:def:31622 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle crafted OCTET STRING data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:31612 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a buffer underflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted ZIP archive. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:31613 The host is missing an important security update according to Mozilla advisory, MFSA2015-128. The update is required to fix a buffer underflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted ZIP archive. Successful exploitation could allow attackers to c ... oval:org.secpod.oval:def:31614 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly follow the CORS cross-origin request algorithm for the POST method in situations involving a ... oval:org.secpod.oval:def:31615 The host is missing an important security update according to Mozilla advisory, MFSA2015-127. The update is reqiored to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly follow the CORS cross-origin request algorithm for the POST method in s ... oval:org.secpod.oval:def:31616 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a CANVAS element and crafted JavaScript code. Successful exploitat ... oval:org.secpod.oval:def:31617 The host is missing an important security update according to Mozilla advisory, MFSA2015-123. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a CANVAS element and crafted JavaScript code. ... oval:org.secpod.oval:def:31618 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle whitepsace characters in an IP address string. Successful exploitation could allow remote ... oval:org.secpod.oval:def:31619 The host is missing a security update according to Mozilla advisory, MFSA2015-122. The update is required to fix a cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle whitepsace characters in an IP address string. Successful exploitation could all ... oval:org.secpod.oval:def:26468 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:26457 The host is missing an important security update according to Mozilla advisory, MFSA2015-85. The update is required to fix an out-of-bounds write vulnerability. A flaw is present in the applications, which fail to properly handle a crafted name of a Mozilla Archive (aka MAR) file. Successful exploit ... oval:org.secpod.oval:def:26456 The host is installed with Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2 or Thunderbird 38.x before 38.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the applications, which fail to properly handle a crafted name of a Mozilla Archive (aka MAR) file. Successf ... oval:org.secpod.oval:def:26459 The host is missing an important security update according to Mozilla advisory, MFSA2015-84. The update is required to fix a race condition vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a hard link to a log file during an update. Successful exp ... oval:org.secpod.oval:def:26458 The host is installed with Mozilla Firefox before 40, Firefox ESR 38.x before 38.2 or Thunderbird 38.x before 38.2 and is prone to a race condition vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a hard link to a log file during an update. Succes ... oval:org.secpod.oval:def:26446 The host is missing an important security update according to Mozilla advisory, MFSA2015-90. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to properly handle crafted data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:26445 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:26448 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:26447 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle crafted data. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:31602 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to an unspecified vulnerability. A flaw is present in the applications, which fail to properly handle vectors related to a cryptographic key. Successful exploitation could allow attackers to have an u ... oval:org.secpod.oval:def:31603 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle a crafted SVG document. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:31604 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle crafted texture data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:31605 The host is missing a critical security update according to Mozilla advisory, MFSA2015-131. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle vectors related to a cryptographic key. Successful exploitation could allow att ... oval:org.secpod.oval:def:31606 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a mixed-content restriction bypass vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code. Successful exploitation could allow attackers to bypa ... oval:org.secpod.oval:def:31607 The host is missing a security update according to Mozilla advisory, MFSA2015-132. The update is required to fix a mixed-content restriction bypass vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:26470 The host is missing a critical security update according to Mozilla advisory, MFSA2015-79. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:26987 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which misinterprets the return value of a function call. Successful exploitation could allow attackers to crash the service ... oval:org.secpod.oval:def:33499 The host is installed with Mozilla Firefox before 45.0,Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to an integer underflow vulnerability. A flaw is present in the nsHtml5TreeBuilder class in Mozilla Firefox, which fails to handle end tags, as demonstrated by inc ... oval:org.secpod.oval:def:33498 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to an use-after-free vulnerability. A flaw is present in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp, which fails to handle a root element ... oval:org.secpod.oval:def:33493 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox, whi ... oval:org.secpod.oval:def:33495 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to an use-after-free vulnerability. A flaw is present in the AtomicBaseIncDec function in Mozilla Firefox, which fails to handle XML transformations. Successful e ... oval:org.secpod.oval:def:33480 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite, which fails to handle a craft ... oval:org.secpod.oval:def:33488 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the nsScannerString::AppendUnicodeTo function in Mozilla Firefox, which fails to handle a crafted Unico ... oval:org.secpod.oval:def:33487 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the Machine::Code::decoder::analysis::set_ref function in Graphite, which fails to handle a crafted gra ... oval:org.secpod.oval:def:33482 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::Slot::getAttr function in Slot.cpp in Graphite, which fails to handle a crafted graphite ... oval:org.secpod.oval:def:33481 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the CachedCmap.cpp in Graphite, which fails to handle a crafted graphite smart font. Successful exploit ... oval:org.secpod.oval:def:33484 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::GetTableInfo function in Graphite, which fails to handle a crafted graphite sma ... oval:org.secpod.oval:def:33483 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::GlyphCache::glyph function in Graphite, which fails to handle a crafted graphite smart f ... oval:org.secpod.oval:def:33479 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::FileFace::get_table_fn function in Graphite, which fails to handle a crafted graphite sm ... oval:org.secpod.oval:def:33478 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the graphite2::vm::Machine::Code::Code function in Graphite, which fails to handle a crafted g ... oval:org.secpod.oval:def:602580 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code, cross-site scriping, information disclosure and bypass of the same-origin policy. oval:org.secpod.oval:def:26989 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:26988 The host is missing an important security update according to Mozilla advisory, MFSA 2015-112. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attac ... oval:org.secpod.oval:def:26992 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:26991 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:26994 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:26993 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:26996 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX e ... oval:org.secpod.oval:def:26995 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a CORS preflight protection mechanism bypass vulnerability. A flaw is present in the applications, which fail to properly handle duplicate cache-key generation or retrieval of a value from an incor ... oval:org.secpod.oval:def:26997 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:26990 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle an incorrect argument to the sscanf function. Successful exploitation could allow a ... oval:org.secpod.oval:def:32566 The host is missing an important security update according to Mozilla advisory, MFSA2015-150. The update is required to fix a server spoofing vulnerability. A flaw is present in the applications, which fail to handle MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffi ... oval:org.secpod.oval:def:32567 The host is installed with Mozilla Firefox before 43.0.2, Mozilla Thunderbird 38.x before 38.6 or Firefox ESR 38.x before 38.5.2 and is prone to a server spoofing vulnerability. A flaw is present in the applications, which fail to handle MD5 signatures in Server Key Exchange messages in TLS 1.2 Hand ... oval:org.secpod.oval:def:33475 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the graphite2::Slot::setAttr function in Graphite, which fails to handle a crafted graphite sm ... oval:org.secpod.oval:def:33474 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::Slot::getAttr function in Slot.cpp function in Graphite, which fails to handle a crafted ... oval:org.secpod.oval:def:33477 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite, which fails to handle a crafted grap ... oval:org.secpod.oval:def:33476 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::GlyphCache::Loader::Loader function in Graphite, which fails to handle a crafted graphit ... oval:org.secpod.oval:def:33473 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp function in Graphite, which fails ... oval:org.secpod.oval:def:33472 The host is installed with Mozilla Firefox before 45.0, Mozilla Thunderbird 38.x before 38.7 or Firefox ESR 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite, which fails to handle a crafte ... oval:org.secpod.oval:def:96934 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape or clickjacking. oval:org.secpod.oval:def:612874 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape or clickjacking. oval:org.secpod.oval:def:88325 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. Debian follows the extended support releases of Firefox. Support for the 78.x series has ended, so starting with this u ... oval:org.secpod.oval:def:62294 Mozilla Firefox 74.0.1, Mozilla Firefox ESR 68.6.1 and Mozilla Thunderbird 68.7 : Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:62293 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-11. The update is required to fix use-after-free vulnerabilities. The flaws are present in the application, which fails to handle ReadableStream or running the nsDocShell destructor. Successful exploitati ... oval:org.secpod.oval:def:62697 Two security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code. oval:org.secpod.oval:def:604801 Two security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code. oval:org.secpod.oval:def:25609 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 or Apple Mac OS X or Server 10.10.x through 10.10.3 and is prone to a logjam attack vulnerability. A flaw is present in the applications, which fail to ... oval:org.secpod.oval:def:25610 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-70. The update is required to fix a logjam attack vulnerability. A flaw is present in the applications, which fail to handle a weak key. Successful exploitation could allow man-in-the-middle (MITM) attackers to f ... oval:org.secpod.oval:def:95218 A buffer overflow in VP8 media stream processing has been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:95216 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code Debian follows the extended support releases of Firefox. Support for the 102.x series has ended, so starting with this update we"re now following the 115.x ... oval:org.secpod.oval:def:612684 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code Debian follows the extended support releases of Firefox. Support for the 102.x series has ended, so starting with this update we"re now following the 115.x ... oval:org.secpod.oval:def:612686 A buffer overflow in VP8 media stream processing has been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:95242 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, clickjacking, spoofing or information leaks. oval:org.secpod.oval:def:93977 Mozilla Firefox 119, Mozilla Firefox ESR 115.4, and Thunderbird 115.4.1 : It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. oval:org.secpod.oval:def:93976 The host is missing a high severity security update according to the Mozilla advisory MFSA2023-46 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a potentially exploitable cr ... oval:org.secpod.oval:def:93987 Mozilla Firefox ESR 115.4, and Thunderbird 115.4.1 : An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. oval:org.secpod.oval:def:93980 Mozilla Firefox 119, Mozilla Firefox ESR 115.4, and Thunderbird 115.4.1 : Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. oval:org.secpod.oval:def:93981 Mozilla Firefox 119, Mozilla Firefox ESR 115.4, and Thunderbird 115.4.1 : A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. oval:org.secpod.oval:def:93985 Mozilla Firefox 119, Mozilla Firefox ESR 115.4, and Thunderbird 115.4.1 : Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run ... oval:org.secpod.oval:def:93983 Mozilla Firefox 119, Mozilla Firefox ESR 115.4, and Thunderbird 115.4.1 : During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. oval:org.secpod.oval:def:66291 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-46. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:66293 Mozilla Firefox 82, Mozilla Firefox ESR 78.4 and Mozilla Thunderbid 78.4, Google Chrome before 86.0.4240.75 or Microsoft Edge Chromium before 86.0.622.38, Apple MacOS 11 before 11.1, Safari before 14.0.2 on Apple Mac OS X 10.14.6 or 10.15.6: A use-after-free bug in the usersctp library was reported ... oval:org.secpod.oval:def:66298 Mozilla Firefox 82, Mozilla Firefox ESR 78.4 and Mozilla Thunderbid 78.4: Mozilla developers and community members Simon Giesecke, Christian Holler, Philipp, and Jason Kratzer reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corrupt ... oval:org.secpod.oval:def:69818 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or an information leak. oval:org.secpod.oval:def:69833 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or CSS sanitiser bypass. oval:org.secpod.oval:def:55003 Mozilla Firefox ESR 60.7 : An out-of-bounds read can occur in the Skia library during path transformations. This could result in the exposure of data stored in memory. oval:org.secpod.oval:def:20624 Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger cer ... oval:org.secpod.oval:def:20620 Security researchers Tyson Smith and Jesse Schwartzentruber used the Address Sanitizer tool while fuzzing to discover a use-after-free error resulting in a crash. This is a result of a pair of NSSCertificate structures being added to a trust domain and then one of them is removed while they are s ... oval:org.secpod.oval:def:16749 Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote ... oval:org.secpod.oval:def:16748 Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possib ... oval:org.secpod.oval:def:16730 Security researcher Arthur Gerkis , via TippingPoint"s Zero Day Initiative, reported a use-after-free during image processing from sites with specific content types in concert with the imgRequestProxy function. This causes a potentially exploitable crash. oval:org.secpod.oval:def:16731 Security researcher Masato Kinugawa reported a cross-origin information leak through web workers" error messages. This violates same-origin policy and the leaked information could potentially be used to gather authentication tokens and other data from third-party websites. oval:org.secpod.oval:def:16734 Mozilla developer Brian Smith and security researchers Antoine Delignat-Lavaud and Karthikeyan Bhargavan of the Prosecco research team at INRIA Paris reported issues with ticket handling in the Network Security Services (NSS) libraries. These have been addressed in the NSS 3.15.4 release, shipping o ... oval:org.secpod.oval:def:16735 Mozilla developer Boris Zbarsky reported an inconsistency with the different JavaScript engines in how JavaScript native getters on window objects are handled by these engines. This inconsistency can lead to different behaviors in JavaScript code, allowing for a potential security issue with window ... oval:org.secpod.oval:def:16727 Fredrik "Flonka" Lnnqvist discovered an issue with image decoding in RasterImage caused by continued use of discarded images. This could allow for the writing to unowned memory and a potentially exploitable crash. oval:org.secpod.oval:def:16725 Security researcher Cody Crews reported a method to bypass System Only Wrappers (SOW) by using XML Binding Language (XBL) content scopes to clone protected XUL elements. This could be used to clone anonymous nodes, making trusted XUL content web accessible. oval:org.secpod.oval:def:16741 RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted im ... oval:org.secpod.oval:def:16740 Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines. oval:org.secpod.oval:def:16745 The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. oval:org.secpod.oval:def:16744 Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data. oval:org.secpod.oval:def:16738 The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involvin ... oval:org.secpod.oval:def:16736 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:16724 Mozilla developers and community identified identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least som ... oval:org.secpod.oval:def:4668 The host is installed with Apple Mac OS X 10.5.8, 10.6 before 10.6.5 or Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610 and is prone to an URL parsing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors related to ... oval:org.secpod.oval:def:98202 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently grantin ... oval:org.secpod.oval:def:98203 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cooki ... oval:org.secpod.oval:def:98204 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to r ... oval:org.secpod.oval:def:98200 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. oval:org.secpod.oval:def:98201 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. oval:org.secpod.oval:def:98198 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. oval:org.secpod.oval:def:98199 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). oval:org.secpod.oval:def:98196 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-06 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a potentially exploitable crash. oval:org.secpod.oval:def:97100 Mozilla Firefox 122, Mozilla Firefox ESR 115.7 or Mozilla Thunderbird 115.7 : A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. oval:org.secpod.oval:def:97101 Mozilla Firefox 122, Mozilla Firefox ESR 115.7 or Mozilla Thunderbird 115.7 : A phishing site could have repurposed an code about code dialog to show phishing content with an incorrect origin in the address bar. oval:org.secpod.oval:def:97106 Mozilla Firefox 122, Mozilla Firefox ESR 115.7 or Mozilla Thunderbird 115.7 : Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to ... oval:org.secpod.oval:def:97107 Mozilla Firefox 122, Mozilla Firefox ESR 115.7 or Mozilla Thunderbird 115.7 : In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. oval:org.secpod.oval:def:97108 Mozilla Firefox 122, Mozilla Firefox ESR 115.7 or Mozilla Thunderbird 115.7 : A malicious devtools extension could have been used to escalate privileges. oval:org.secpod.oval:def:97105 Mozilla Firefox 122, Mozilla Firefox ESR 115.7, Mozilla Thunderbird 115.7 : When a parent page loaded a child in an iframe with code unsafe-inline code, the parent Content Security Policy could have overridden the child Content Security Policy. oval:org.secpod.oval:def:97873 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, phishing, clickjacking, privilege escalation, HSTS bypass or bypass of content security policies. oval:org.secpod.oval:def:97094 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-02 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a potentially exploitable crash. oval:org.secpod.oval:def:97095 Mozilla Firefox 122, Mozilla Firefox ESR 115.7 or Mozilla Thunderbird 115.7 : It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. oval:org.secpod.oval:def:97096 Mozilla Firefox 122, Mozilla Firefox ESR 115.7 or Mozilla Thunderbird 115.7 : An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. oval:org.secpod.oval:def:98524 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:62292 Mozilla Firefox 74.0.1, Mozilla Firefox ESR 68.6.1 and Mozilla Thunderbird 68.7.0 : Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:62291 Mozilla Firefox 74.0.1, Mozilla Firefox ESR 68.6.1 and Mozilla Thunderbird 68.7.0 : Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:62409 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7.0 : When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, le ... oval:org.secpod.oval:def:62413 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7.0 : Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that ... oval:org.secpod.oval:def:610354 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:89351 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:89323 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:89773 Mozilla Firefox 113, Mozilla Firefox ESR 102.11, Mozilla Thunderbird 102.11 : Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 1 ... oval:org.secpod.oval:def:89772 Mozilla Firefox 113, Mozilla Firefox ESR 102.11, Mozilla Thunderbird 102.11 : When reading a file, an uninitialized value could have been used as read limit. oval:org.secpod.oval:def:89771 Mozilla Firefox 113, Mozilla Firefox ESR 102.11, Mozilla Thunderbird 102.11 : An attacker could have positioned a <code>datalist</code> element to obscure the address bar. oval:org.secpod.oval:def:89770 Mozilla Firefox 113, Mozilla Firefox ESR 102.11, Mozilla Thunderbird 102.11 : A type checking bug would have led to invalid code being compiled. oval:org.secpod.oval:def:89766 Mozilla Firefox 113, Mozilla Firefox ESR 102.11, Mozilla Thunderbird 102.11 : A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. oval:org.secpod.oval:def:89765 Mozilla Firefox 113, Mozilla Firefox ESR 102.11, Mozilla Thunderbird 102.11 : An out-of-bound read could have led to a crash in the RLBox Expat driver. oval:org.secpod.oval:def:610507 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:89764 Mozilla Firefox 113, Mozilla Firefox ESR 102.11, Mozilla Thunderbird 102.11 : In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. oval:org.secpod.oval:def:89376 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:89777 The host is missing a high severity security update according to the Mozilla advisory MFSA2023-17 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:610640 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:613023 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing. oval:org.secpod.oval:def:55305 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:603928 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:54994 The host is missing a critical security update according to Mozilla advisory, MFSA2019-14. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:55051 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:55004 Oracle Java SE through 7u221, 8u212, 11.0.3 or 12.0.1, Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability was discovered in the png_image_free function in the libpng library. This could lead to denial of service or a potentially exploitable cras ... oval:org.secpod.oval:def:53324 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:45542 The host is missing a critical security update according to Mozilla advisory, MFSA2018-12. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:603394 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:45518 >Mozilla Firefox before 60.0, Firefox, Thunderbird or ESR before 52.8 : An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable ... oval:org.secpod.oval:def:45519 Mozilla Firefox before 60.0 or Firefox ESR before 52.8 : Sites can bypass security checks on permissions to install lightweight themes by manipulating the baseURI property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensiv ... oval:org.secpod.oval:def:45514 Mozilla Firefox before 60.0 or Thunderbird or ESR before 52.8 : Mozilla developers and community members Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, and Jason Kratzer reported memory safety bugs present in Firefox and Firefox ESR. Some of th ... oval:org.secpod.oval:def:45515 Mozilla Firefox before 60.0 Thunderbird or ESR before 52.8 : A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. oval:org.secpod.oval:def:45520 Mozilla Firefox ESR before 52.8 or Thunderbird before 52.8: A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. oval:org.secpod.oval:def:45521 Mozilla Firefox ESR or Thunderbird before 52.8 : A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. oval:org.secpod.oval:def:45522 Mozilla Firefox ESR or Thunderbird before 52.8 : Mozilla developers backported selected changes in the Skia library to the ESR52 branch of Firefox. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. oval:org.secpod.oval:def:59327 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: When storing a value in IndexedDB, the value's prototype chain is followed and it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially e ... oval:org.secpod.oval:def:59330 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. oval:org.secpod.oval:def:59331 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: By using a form with a data URI it was possible to gain access to the privileged codeJSONView/code object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of e ... oval:org.secpod.oval:def:59332 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. oval:org.secpod.oval:def:59333 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web ... oval:org.secpod.oval:def:59334 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: Mozilla developers and community members Bob Clary, Jason Kratzer, Aaron Klotz, Iain Ireland, Tyson Smith, Christian Holler, Steve Fink, Honza Bambas, Byron Campen, and Cristian Brindusan reported memory safety bugs present i ... oval:org.secpod.oval:def:59328 Mozilla Firefox ESR 68.2 : Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arb ... oval:org.secpod.oval:def:59329 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. oval:org.secpod.oval:def:69752 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service. oval:org.secpod.oval:def:69769 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service. Debian follows the extended support releases of Firefox. Support for the 60.x series has ... oval:org.secpod.oval:def:604520 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service. oval:org.secpod.oval:def:69887 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery. oval:org.secpod.oval:def:90679 Updates available for Mozilla Firefox, Firefox ESR and Thunderbird. |
