oval:org.secpod.oval:def:43598 Mozilla Firefox ESR before 52.6 or Thunderbird before 52.6: A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash.
oval:org.secpod.oval:def:43620 The host is missing a critical security update according to Mozilla advisory, MFSA2018-03. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ...
oval:org.secpod.oval:def:42277 The host is missing a critical security update according to Mozilla advisory, MFSA2017-22. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ...
oval:org.secpod.oval:def:42796 The host is missing a critical security update according to Mozilla advisory, MFSA2017-25. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ...
oval:org.secpod.oval:def:41102 The host is missing a critical security update according to Mozilla advisory, MFSA2017-16. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ...
oval:org.secpod.oval:def:41727 The host is missing a critical security update according to Mozilla advisory, MFSA2017-19. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ...
oval:org.secpod.oval:def:62416 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-13. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts.
oval:org.secpod.oval:def:48206 The host is missing a critical security update according to Mozilla advisory, MFSA2018-27. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code.
oval:org.secpod.oval:def:48208 Mozilla Firefox ESR 60.3: Mozilla developers and community members Daniel Veditz and Philipp reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary ...
oval:org.secpod.oval:def:49784 The host is missing a critical security update according to Mozilla advisory, MFSA2018-30. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code.
oval:org.secpod.oval:def:14255 Mozilla Firefox ESR is installed on Windows (32 bit).
oval:org.secpod.oval:def:54984 Mozilla Firefox ESR 60.7: Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element.
oval:org.secpod.oval:def:53040 The host is missing a critical security update according to Mozilla advisory, MFSA2019-08. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code.
oval:org.secpod.oval:def:73100 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-24 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to cause multiple impacts ...
oval:org.secpod.oval:def:86237 Mozilla Firefox ESR 102.6, Mozilla Thunderbird 102.6: A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.
oval:org.secpod.oval:def:70464 The host is missing a high severity security update according to the Mozilla advisory, MFSA2021-11 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified i ...
oval:org.secpod.oval:def:84309 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-41 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to cause multiple impacts ...
oval:org.secpod.oval:def:86229 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-52 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to cause multiple impacts ...
oval:org.secpod.oval:def:43141 The host is missing a critical security update according to Mozilla advisory, MFSA2017-28. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to bypass security.
oval:org.secpod.oval:def:47368 The host is missing a critical security update according to Mozilla advisory, MFSA2018-21. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application.
oval:org.secpod.oval:def:74358 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-34 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified impa ...
oval:org.secpod.oval:def:74778 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-39 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified impa ...
oval:org.secpod.oval:def:74777 The host is missing a high severity security update according to the Mozilla advisory MFSA2021-40 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified impa ...
oval:org.secpod.oval:def:74785 Mozilla Firefox ESR 78.14, Mozilla Firefox ESR 91.1, Mozilla Thunderbird 78.14, Mozilla Thunderbird 91.1: Mozilla developers Tyson Smith, Christian Holler, and Gabriele Svelto reported memory safety bugs present in Firefox 91 and Firefox ESR 91.0. Some of these bugs showed evidence of memory corrupt ...
oval:org.secpod.oval:def:77233 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-02 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause unspecified im ...
oval:org.secpod.oval:def:38844 The host is missing a critical security update according to Mozilla advisory, MFSA2017-02. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ...
oval:org.secpod.oval:def:40092 The host is missing a critical security update according to Mozilla advisory, MFSA2017-11. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ...
oval:org.secpod.oval:def:40093 The host is missing a critical security update according to Mozilla advisory, MFSA2017-12. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ...
oval:org.secpod.oval:def:38074 The host is missing a critical security update according to Mozilla advisory, MFSA2016-90. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ...
oval:org.secpod.oval:def:39162 The host is missing a critical security update according to Mozilla advisory, MFSA2017-06. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ...
oval:org.secpod.oval:def:38443 The host is installed with Mozilla Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle add or remove of sub-documents. Successful exploitation allows remote attackers to crash the s ...
oval:org.secpod.oval:def:38445 The host is missing a critical security update according to Mozilla advisory, MFSA2016-95. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ...
oval:org.secpod.oval:def:37283 The host is missing a critical security update according to Mozilla advisory, MFSA2016-86. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ...
oval:org.secpod.oval:def:37281 The host is installed with Mozilla Firefox ESR before 45.4 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle an error in WebSockets during data buffering on incoming packets. Successful exploitation allows remote attackers to exec ...
oval:org.secpod.oval:def:37280 The host is installed with Mozilla Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle URLs of resources loaded after a navigation started. Successful exploitation allows ...
oval:org.secpod.oval:def:44700 Mozilla Firefox ESR before 52.7 or Thunderbird before 52.7: An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter.
oval:org.secpod.oval:def:44701 Mozilla Firefox ESR before 52.7 or Thunderbird before 52.7: Mozilla developers reported memory safety bugs present in Firefox ESR. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
oval:org.secpod.oval:def:44712 The host is missing a critical security update according to Mozilla advisory, MFSA2018-07. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ...
oval:org.secpod.oval:def:46109 The host is missing a critical security update according to Mozilla advisory, MFSA2018-16. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application.
oval:org.secpod.oval:def:46110 The host is missing a critical security update according to Mozilla advisory, MFSA2018-17. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application.
oval:org.secpod.oval:def:50453 The host is missing a critical security update according to Mozilla advisory, MFSA2019-02. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code.
oval:org.secpod.oval:def:53068 The host is missing a critical security update according to Mozilla advisory, MFSA2019-10. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code.
oval:org.secpod.oval:def:89099 Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash.
oval:org.secpod.oval:def:96004 The host is missing a high severity security update according to the Mozilla advisory MFSA2023-54 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle various components. Successful exploitation could lead to a potentially exploitable cra ...
oval:org.secpod.oval:def:95992 Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6: A use-after-free was identified in the "nsDNSService::Init". This issue appears to manifest rarely during start-up.
oval:org.secpod.oval:def:93420 The host is missing a high severity security update according to the Mozilla advisory MFSA2023-35 and is prone to multiple vulnerabilities. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a potentially exploitable crash.
oval:org.secpod.oval:def:67827 The host is missing a critical security update according to Mozilla advisory, MFSA2020-55. The update is required to fix multiple vulnerabilities. The flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation can cause unspecified impact.
oval:org.secpod.oval:def:54982 Mozilla Firefox ESR 60.7: An out-of-bounds read can occur in the Skia library during path transformations. This could result in the exposure of data stored in memory.
oval:org.mitre.oval:def:7126 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.
oval:org.secpod.oval:def:98163 The host is missing a high severity security update according to the Mozilla advisory MFSA2024-06 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle various components. Successful exploitation could lead to multiple impacts.
oval:org.secpod.oval:def:15024 Security researcher Georgi Guninski reported an issue with Java applets where in some circumstances the applet could access files on the local system when loaded using a file:/// URI and violate file origin policy due to interaction with the codebase parameter. This affects applets running on the ...
oval:org.secpod.oval:def:15021 Security researcher Cody Crews reported that some JavaScript components will perform checks against the wrong uniform resource identifier (URI) before performing security sensitive actions. This will return an incorrect location for the originator of the call. This could be used to bypass same-origi ...
oval:org.secpod.oval:def:15022 Mozilla community member Federico Lanusse reported a mechanism where a web worker can violate same-origin policy and bypass cross-origin checks through XMLHttpRequest. This could allow for cross-site scripting (XSS) attacks by web workers.
oval:org.secpod.oval:def:15020 Security researcher Ash reported an issue with the Mozilla Updater on Windows 7 and later versions of Windows. On vulnerable platforms, the Mozilla Updater can be made to load a specific malicious DLL file from the local system. This DLL file can run in a privileged context through the Mozilla Maint ...
oval:org.secpod.oval:def:15003 Security researcher Johnathan Kuskos reported that Firefox is sending data in the body of XMLHttpRequest (XHR) HEAD requests, which goes against the XHR specification. This can potentially be used for Cross-Site Request Forgery (CSRF) attacks against sites which do not distinguish between HEAD and ...
oval:org.secpod.oval:def:15004 Security researcher Paul Stone of Context Information Security discovered that timing differences in the processing of SVG format images with filters could allow for pixel values to be read. This could potentially allow for text values to be read across domains ...
oval:org.secpod.oval:def:15002 Security researcher Nils reported that specially crafted web content using the onreadystatechange event and reloading of pages could sometimes cause a crash when unmapped memory is executed. This crash is potentially exploitable.
oval:org.secpod.oval:def:15008 Mozilla security researcher moz_bug_r_a4 reported that XrayWrappers can be bypassed to call content-defined toString and valueOf methods through DefaultValue. This can lead to unexpected behavior when privileged code acts on the incorrect values.
oval:org.secpod.oval:def:15005 Mozilla developer Boris Zbarsky found that when PreserveWrapper was used in cases where a wrapper is not set, the preserved-wrapper flag on the wrapper cache is cleared. This could potentially lead to an exploitable crash.
oval:org.secpod.oval:def:15000 Security researcher Mariusz Mlynski reported that it is possible to compile a user-defined function in the XBL scope of a specific element and then trigger an event within this scope to run code. In some circumstances, when this code is run, it can access content protected by SystemOnly Wrappers (S ...
oval:org.secpod.oval:def:15015 Security researcher Seb Patane reported stack buffer overflows in both the Maintenance Service and the Mozilla Updater when unexpectedly long paths were encountered. A local attacker could pass these as command-line arguments to the Maintenance Service to crash either program and potentially lead t ...
oval:org.secpod.oval:def:15012 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ...
oval:org.secpod.oval:def:15018 Mozilla security researcher moz_bug_r_a4 reported a mechanism to execute arbitrary code or a cross-site scripting (XSS) attack when Certificate Request Message Format (CRMF) request is generated in certain circumstances.
oval:org.secpod.oval:def:15017 Mozilla security researcher moz_bug_r_a4 reported that through an interaction of frames and browser history it was possible to make the browser believe attacker-supplied content came from the location of a previous page in browser history. This allows for cross-site scripting (XSS) attacks by loadi ...
oval:org.secpod.oval:def:10670 The host is missing a security update according to Mozilla advisory, MFSA 2013-40. The update is required to fix out of bounds memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted certificate. Successful exploitation allows remote attackers to cause ...
oval:org.secpod.oval:def:10672 The host is missing a security update according to Mozilla advisory, MFSA 2013-31. The update is required to fix integer signedness error vulnerability. A flaw is present in the applications, which fail to handle crafted values that trigger attempted use of a negative box boundary or negative box si ...
oval:org.secpod.oval:def:10664 The host is missing a security update according to Mozilla advisory, MFSA 2013-32. The update is required to fix buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted arguments. Successful exploitation allows local users to gain privileges.
oval:org.secpod.oval:def:10665 The host is missing a security update according to Mozilla advisory, MFSA 2013-34. The update is required to fix untrusted search path vulnerability. A flaw is present in the applications, which fail to handle a Trojan horse DLL file in an unspecified directory. Successful exploitation allows local ...
oval:org.secpod.oval:def:10666 The host is missing a security update according to Mozilla advisory, MFSA 2013-36. The update is required to fix security bypass vulnerability. A flaw is present in the applications, which fail to prevent use of the cloneNode method for cloning a protected node. Successful exploitation allows remote ...
oval:org.secpod.oval:def:10668 The host is missing a security update according to Mozilla advisory, MFSA 2013-38. The update is required to fix cross site scripting vulnerability. A flaw is present in the applications, which fail to ensure the correctness of the address bar during history navigation. Successful exploitation allow ...
oval:org.secpod.oval:def:10661 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to out of bounds memory corruption vulnerability. A flaw is present in the applications, which fail to handle a ...
oval:org.secpod.oval:def:10663 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handl ...
oval:org.secpod.oval:def:10654 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to integer signedness error vulnerability. A flaw is present in the applications, which fail to handle crafted v ...
oval:org.secpod.oval:def:10655 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5 or Thunderbird ESR 17.x before 17.0.5 and is prone to buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted arguments. Successful exploitatio ...
oval:org.secpod.oval:def:10656 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to untrusted search path vulnerability. A flaw is present in the applications, which fail to handle a Trojan hor ...
oval:org.secpod.oval:def:10657 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to security bypass vulnerability. A flaw is present in the applications, which fail to prevent use of the cloneN ...
oval:org.secpod.oval:def:10659 The host is installed with Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5 or SeaMonkey before 2.17 and is prone to cross site scripting vulnerability. A flaw is present in the applications, which fail to ensure the correctne ...
oval:org.secpod.oval:def:11189 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Success ...
oval:org.secpod.oval:def:11195 The host is missing a security update according to Mozilla advisory, MFSA 2013-48. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors related to memory. Successful exploitation allows attackers to execute arbitrary ...
oval:org.secpod.oval:def:11196 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to information disclosure vulnerability. A flaw is present in the applications, which fail to properly initialize data structures for t ...
oval:org.secpod.oval:def:11197 The host is missing a security update according to Mozilla advisory, MFSA 2013-47. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEv ...
oval:org.secpod.oval:def:11198 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving an onresize event during ...
oval:org.secpod.oval:def:11199 The host is missing a security update according to Mozilla advisory, MFSA 2013-46. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving an onresize event during the playing of a video. Successful exploitation allows ...
oval:org.secpod.oval:def:11190 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Success ...
oval:org.secpod.oval:def:11191 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Success ...
oval:org.secpod.oval:def:11192 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to invalid write operation vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory ...
oval:org.secpod.oval:def:11193 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to out of bounds read vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Suc ...
oval:org.secpod.oval:def:11194 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to out of bounds read vulnerability. A flaw is present in the applications, which fail to handle certain vectors related to memory. Suc ...
oval:org.secpod.oval:def:10394 The host is installed with Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4 or SeaMonkey before 2.16.1 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involvi ...
oval:org.secpod.oval:def:10395 The host is missing a security update according to Mozilla advisory, MFSA 2013-29. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving an execCommand call. Successful exploitation allows remote attackers to execute ...
oval:org.secpod.oval:def:14998 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ...
oval:org.secpod.oval:def:14999 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free problems rated critical as security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. ...
oval:org.secpod.oval:def:11202 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle vectors involving junctions. Suc ...
oval:org.secpod.oval:def:11210 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which
oval:org.secpod.oval:def:11203 The host is missing a security update according to Mozilla advisory, MFSA 2013-44. The update is required to fix arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle vectors involving junctions. Successful exploitation allows attackers to bypass integrit ...
oval:org.secpod.oval:def:11206 The host is installed with Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6 or Thunderbird ESR 17.x before 17.0.6 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which fail to prevent acquisition of chrome privile ...
oval:org.secpod.oval:def:11207 The host is missing a security update according to Mozilla advisory, MFSA 2013-42. The update is required to fix cross-site scripting (XSS) vulnerability. A flaw is present in the applications, which fail to prevent acquisition of chrome privileges during calls to content level constructors. Success ...
oval:org.secpod.oval:def:11209 The host is missing a security update according to Mozilla advisory, MFSA 2013-41. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to properly handle certain unknown vectors. Successful exploitation allows attackers to cause a ...
oval:org.secpod.oval:def:15047 Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8 or Mozilla SeaMonkey before 2.20 allows local users to gain privileges via a long pathname on the command line to the Mozilla M ...
oval:org.secpod.oval:def:15046 Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8 or Mozilla SeaMonkey before 2.19 allows local users to gain privileges via a long pat ...
oval:org.secpod.oval:def:15049 Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks ...
oval:org.secpod.oval:def:15043 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, SeaMonkey before 2.20 or Mozilla Firefox ESR, Mozilla Thunderbird, Mozilla Thunderbird ESR before 17.0.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibl ...
oval:org.secpod.oval:def:15042 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application c ... oval:org.secpod.oval:def:15056 Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a ... oval:org.secpod.oval:def:15050 The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks ... oval:org.secpod.oval:def:15054 The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and ... oval:org.secpod.oval:def:15052 Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8 or Mozilla SeaMonkey before 2.20 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows ... 
oval:org.secpod.oval:def:15053 Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site ... oval:org.secpod.oval:def:15025 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 allow remote attackers to cause a denial of service (memory corruption and applica ... oval:org.secpod.oval:def:15026 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, SeaMonkey before 2.19 or Mozilla Firefox ESR, Thunderbird, Thunderbird ESR before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitr ... oval:org.secpod.oval:def:15029 Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 allows remote attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:15027 Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 allows remote attackers to execute ar ... 
oval:org.secpod.oval:def:15028 Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 allows remote attackers to execute arbitrary code or cause a den ... oval:org.secpod.oval:def:15034 The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a d ... oval:org.secpod.oval:def:15035 The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:15038 The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbi ... oval:org.secpod.oval:def:15032 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service ... 
oval:org.secpod.oval:def:15033 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site re ... oval:org.secpod.oval:def:15030 The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, Thunderbird ESR 17.x before 17.0.7 or Mozilla SeaMonkey before 2.19 do not properly restrict XBL user-defined functions, which allo ... oval:org.secpod.oval:def:16268 Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a use-after-free problem in the table editing user interface of the editor during garbage collection. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16267 Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a use-after-free when interacting with event listeners from the mListeners array. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16263 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ... oval:org.secpod.oval:def:16271 Firefox user Sijie Xia reported that if a user explicitly removes the trust for extended validation (EV) capable root certificates in the certificate manager, the change is not properly used when validating EV certificates, causing the setting to be ignored. This removes the ability of users to exp ... 
oval:org.secpod.oval:def:16272 Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a use-after-free in the functions for synthetic mouse movement handling. Security researcher Atte Kettunen from OUSPG also repor ... oval:org.secpod.oval:def:16270 Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a mechanism where inserting an ordered list into a document through script could lead to a potentially exploitable crash that can ... oval:org.secpod.oval:def:16275 Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla's root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la sécurité des systèmes d'information (ANSSI), an agency of th ... oval:org.secpod.oval:def:16276 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:16273 Mozilla developer Eric Faust reported that during JavaScript compilation GetElementIC typed array stubs can be generated outside observed typesets. This could lead to unpredictable behavior with a potential security impact. oval:org.secpod.oval:def:16274 Google security researcher Michal Zalewski reported issues with JPEG format image processing with Start Of Scan (SOS) and Define Huffman Table (DHT) markers in the libjpeg library. This could allow for the possible reading of arbitrary memory content as well as cross-domain image theft. 
oval:org.secpod.oval:def:16282 The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack ve ... oval:org.secpod.oval:def:16283 Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrupt ... oval:org.secpod.oval:def:16280 Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via ... oval:org.secpod.oval:def:16286 The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. oval:org.secpod.oval:def:16287 Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid ... oval:org.secpod.oval:def:16284 Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by trig ... 
oval:org.secpod.oval:def:16411 Security researcher Jordi Chancel discovered a method to put arbitrary HTML content within <select> elements and place it in arbitrary locations. This can be used to spoof the displayed addressbar, leading to clickjacking and other spoofing attacks. oval:org.secpod.oval:def:16412 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an access violation due to uninitialized data during Extensible Stylesheet Language Transformation (XSLT) processing. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16410 Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be explo ... oval:org.secpod.oval:def:16415 Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16416 Security researcher Cody Crews discovered a method to append an iframe into an embedded PDF object rendered with the chrome privileged PDF.js. This can be used to bypass security restrictions to load local or chrome privileged files and objects within the embedded PDF object. This can lead to informa ... oval:org.secpod.oval:def:16413 Compiler Engineer Dan Gohman of Google discovered a flaw in the JavaScript engine where memory was being incorrectly allocated for some functions and the calls for allocations were not always properly checked for overflow, leading to potential buffer overflows. When combined with other vulnerabilit ... 
oval:org.secpod.oval:def:16414 Mozilla community member Ezra Pool reported a potentially exploitable crash on extremely large pages. This was caused when a cycle collected image object was released on the wrong thread during decoding, creating a race condition. oval:org.secpod.oval:def:16408 Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash. oval:org.secpod.oval:def:16409 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free when interacting with HTML document templates. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:16407 Security researcher Nils used the Address Sanitizer tool while fuzzing to discover missing strong references in browsing engine leading to use-after-frees. This can lead to a potentially exploitable crash. oval:org.secpod.oval:def:16422 The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial o ... oval:org.secpod.oval:def:16423 Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code ... 
oval:org.secpod.oval:def:16420 The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a drop down menu, which allows remote attackers to spoof the address bar or conduct cli ... oval:org.secpod.oval:def:16421 The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct bu ... oval:org.secpod.oval:def:16426 Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute a ... oval:org.secpod.oval:def:16427 Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitr ... oval:org.secpod.oval:def:16424 PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object. 
oval:org.secpod.oval:def:16425 Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before ... oval:org.secpod.oval:def:16417 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corrupt ... oval:org.secpod.oval:def:16418 Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, SeaMonkey before 2.22 or Thunderbird ESR 17.0 before 17.0.10 allows remote attackers to cause a denial of service (memory corruption and application crash) or possib ... oval:org.secpod.oval:def:16697 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:16698 Security researcher Cody Crews reported a method to bypass System Only Wrappers (SOW) by using XML Binding Language (XBL) content scopes to clone protected XUL elements. This could be used to clone anonymous nodes, making trusted XUL content web accessible. oval:org.secpod.oval:def:16430 The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attacke ... 
oval:org.secpod.oval:def:16428 The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:16429 Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory ... oval:org.secpod.oval:def:15600 The host is missing a security update according to Mozilla advisory, MFSA 2013-76. The update is required to fix multiple memory safety vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15612 The host is missing a security update according to Mozilla advisory, MFSA 2013-89. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted use of lists and floats within a multi-column layout. Successful exploitation could al ... oval:org.secpod.oval:def:15613 The host is missing a security update according to Mozilla advisory, MFSA 2013-90. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:15611 The host is missing a security update according to Mozilla advisory, MFSA 2013-88. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle movement of XBL-backed nodes between documents. 
Successful exploitation could allow a ... oval:org.secpod.oval:def:16700 Fredrik "Flonka" Lönnqvist discovered an issue with image decoding in RasterImage caused by continued use of discarded images. This could allow for the writing to unowned memory and a potentially exploitable crash. oval:org.secpod.oval:def:15606 The host is missing a security update according to Mozilla advisory, MFSA 2013-82. The update is required to fix a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15603 The host is missing a security update according to MFSA 2013-79. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle stylesheet cloning. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:15607 The host is missing a security update according to Mozilla advisory. The update is required to fix a security bypass vulnerability. A flaw is present in the application, which fails to properly lock the MAR file. Successful exploitation could allow attackers to replace the installed software with th ... oval:org.secpod.oval:def:15620 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle stylesh ... oval:org.secpod.oval:def:15623 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. S ... 
oval:org.secpod.oval:def:15624 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21, and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly lock the MAR ... oval:org.secpod.oval:def:16713 Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines. oval:org.secpod.oval:def:16711 The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involvin ... oval:org.secpod.oval:def:15616 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, or SeaMonkey before 2.21 and is prone to a memory safety vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Su ... oval:org.secpod.oval:def:15617 The host is installed with Mozilla Firefox before 24.0, Thunderbird before 24.0, SeaMonkey before 2.21 or Mozilla Firefox ESR, Mozilla Thunderbird ESR before 17.0.9 and is prone to a memory safety vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful ex ... oval:org.secpod.oval:def:15614 The host is missing a security update according to Mozilla advisory, MFSA 2013-91. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to properly identify the "this" object during use of user-defined getter methods on DOM proxies. Success ... 
oval:org.secpod.oval:def:16703 Security researcher Arthur Gerkis, via TippingPoint's Zero Day Initiative, reported a use-after-free during image processing from sites with specific content types in concert with the imgRequestProxy function. This causes a potentially exploitable crash. oval:org.secpod.oval:def:16704 Security researcher Masato Kinugawa reported a cross-origin information leak through web workers' error messages. This violates same-origin policy and the leaked information could potentially be used to gather authentication tokens and other data from third-party websites. oval:org.secpod.oval:def:16709 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:16707 Mozilla developer Brian Smith and security researchers Antoine Delignat-Lavaud and Karthikeyan Bhargavan of the Prosecco research team at INRIA Paris reported issues with ticket handling in the Network Security Services (NSS) libraries. These have been addressed in the NSS 3.15.4 release, shipping o ... oval:org.secpod.oval:def:16708 Mozilla developer Boris Zbarsky reported an inconsistency with the different JavaScript engines in how JavaScript native getters on window objects are handled by these engines. This inconsistency can lead to different behaviors in JavaScript code, allowing for a potential security issue with window ... oval:org.secpod.oval:def:15630 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 and is prone to a use after free vulnerability. A flaw is present in the applications, which fail to handle crafted data. Su ... 
oval:org.secpod.oval:def:15631 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 and is prone to a use after free vulnerability. A flaw is present in the applications, which fail to handle crafted data. Succe ... oval:org.secpod.oval:def:15632 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to properly identify the " ... oval:org.secpod.oval:def:15627 Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows arbitrary attackers to execute arbitrary code or cause a denial of s ... oval:org.secpod.oval:def:16717 Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data. oval:org.secpod.oval:def:16714 RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted im ... oval:org.secpod.oval:def:15629 The host is installed with Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, or SeaMonkey before 2.21 and is prone to an arbitrary code execution vulnerability. 
A flaw is present in the applications, whic ... oval:org.secpod.oval:def:16718 The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. oval:org.secpod.oval:def:16084 The host is installed with Google Chrome before 31.0.1650.48, Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2 or SeaMonkey before 2.23 and is prone to an information disclosure vulnerability. The flaw is present in get_dht function in jdmarker.c, which fails to pro ... oval:org.secpod.oval:def:20610 Security researchers Tyson Smith and Jesse Schwartzentruber used the Address Sanitizer tool while fuzzing to discover a use-after-free error resulting in a crash. This is a result of a pair of NSSCertificate structures being added to a trust domain and then one of them is removed while they are s ... oval:org.secpod.oval:def:20611 Mozilla community member John reported a crash in the Skia library when scaling high quality images if the scaling operation takes too long. This is caused by the image data being discarded while still in use by the scaling operation. This crash is potentially exploitable on some systems. oval:org.secpod.oval:def:20603 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least som ... oval:org.secpod.oval:def:20609 Developer Patrick Cozzi reported a crash in some circumstances when using the Cesium JavaScript library to generate WebGL content. Mozilla developers determined that this crash is potentially exploitable. 
oval:org.secpod.oval:def:20608 Security researcher Jethro Beekman of the University of California, Berkeley reported a crash when the FireOnStateChange event is triggered in some circumstances. This leads to a use-after-free and a potentially exploitable crash when it occurs. oval:org.secpod.oval:def:20606 Mozilla community member James Kitchener reported a crash in DirectWrite when rendering MathML content with specific fonts due to an error in how font resources and tables are handled. This leads to use-after-free of a DirectWrite font-face object, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:16834 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-03. The update is required to fix miscellaneous network security services vulnerabilities. The flaws are present in the applications, which fail to handle statistical analysis of ciphertext or a crafted X.509 cer ... oval:org.secpod.oval:def:22280 The host is missing a security update according to MFSA 2014-83. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (memory corrupti ... oval:org.secpod.oval:def:22278 The host is installed with Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3 or SeaMonkey before 2.31 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows ... oval:org.secpod.oval:def:16835 Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, SeaMonkey before 2.22.1, Thunderbird 24.x before 24.1.1 or Thunderbird ESR 17.0.x before 17.0.11 allo ... 
oval:org.secpod.oval:def:17149 Security researcher Atte Kettunen from OUSPG reported an out of bounds read during the decoding of WAV format audio files for playback. This could allow web content access to heap data as well as causing a crash. oval:org.secpod.oval:def:21406 Mozilla developers Eric Shepherd and Jan-Ivar Bruaroey reported issues with privacy and video sharing using WebRTC. Once video sharing has started within a WebRTC session running within an <iframe>, video will continue to be shared even if the user selects the "Stop Sharing" button ... oval:org.secpod.oval:def:17148 Security researcher Ash reported an issue where the extracted files for updates to existing files are not read only during the update process. This allows for the potential replacement or modification of these files during the update process if a malicious application is present on the local system ... oval:org.secpod.oval:def:21407 Mozilla developer Boris Zbarsky reported that a malicious app could use the AlarmAPI to read the values of cross-origin references, such as an iframe's location object, as part of an alarm's JSON data. This allows a malicious app to bypass same-origin policy. oval:org.secpod.oval:def:17147 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least som ... oval:org.secpod.oval:def:21404 Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with text direction. This results in a crash which can lead to arbitrary code execution. 
oval:org.secpod.oval:def:21402 Security researcher Holger Fuhrmannek used the Address Sanitizer tool to discover an out-of-bounds read issue with Web Audio when interacting with custom waveforms with invalid values. This results in a crash and could allow for the reading of random memory which may contain sensitive data, ... oval:org.secpod.oval:def:21403 Using the Address Sanitizer tool, security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team found an out-of-bounds write when buffering WebM format video containing frames with invalid tile sizes. This can lead to a potentially exploitable crash during WebM video playback. oval:org.secpod.oval:def:21400 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these ... oval:org.secpod.oval:def:21401 Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a buffer overflow when making capitalization style changes during CSS parsing. This can cause a crash that is potentially exploitable. oval:org.secpod.oval:def:21409 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vecto ... oval:org.secpod.oval:def:17159 Mozilla developer Robert O'Callahan reported a mechanism for timing attacks involving SVG filters and displacements input to feDisplacementMap. This allows displacements to potentially be correlated with values derived from content. This is similar to the previously reported techniques used for SV ...
oval:org.secpod.oval:def:17158 Security researcher John Thomson discovered a memory corruption in the Cairo graphics library during font rendering of a PDF file for display. This memory corruption leads to a potentially exploitable crash and to a denial of service (DOS). This issue is not able to be triggered in a default confi ... oval:org.secpod.oval:def:17157 Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover an out-of-bounds read during polygon rendering in MathML. This can allow web content to potentially read protected memory addresse ... oval:org.secpod.oval:def:19915 Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. oval:org.secpod.oval:def:19917 Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruptio ... oval:org.secpod.oval:def:19911 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. oval:org.secpod.oval:def:19908 Security researcher Nils used the Address Sanitizer to discover a use-after-free problem with the SMIL Animation Controller when interacting with and rendering improperly formed web content. This causes a potentially exploitable crash.
oval:org.secpod.oval:def:19905 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least som ... oval:org.secpod.oval:def:19906 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a number of use-after-free and out of bounds read issues using the Address Sanitizer tool. These issues are potentially exploitable, allowing for remote code execution. oval:org.secpod.oval:def:21266 Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is ... oval:org.secpod.oval:def:21265 Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, ... oval:org.secpod.oval:def:17824 The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of se ... oval:org.secpod.oval:def:17823 Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.
oval:org.secpod.oval:def:17821 maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process. oval:org.secpod.oval:def:17817 Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a use-after-free during host resolution in some circumstances. This leads to a potentially exploitable crash. oval:org.secpod.oval:def:17815 Security researcher Nils discovered a use-after-free error in which the imgLoader object is freed while an image is being resized. This results in a potentially exploitable crash. oval:org.secpod.oval:def:17814 Mozilla security researcher moz_bug_r_a4 reported a method to use browser navigations through history to load a website with that page's baseURI property pointing to that of another site instead of the seemingly loaded one. The user will continue to see the incorrect site in the addressbar of the b ... oval:org.secpod.oval:def:17819 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:17831 Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corru ...
oval:org.secpod.oval:def:17830 The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site ... oval:org.secpod.oval:def:17832 Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap m ... oval:org.secpod.oval:def:17829 The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for ... oval:org.secpod.oval:def:17813 Security researcher Mariusz Mlynski discovered an issue where sites that have been given notification permissions by a user can bypass security checks on source components for the Web Notification API. This allows for script to be run in a privileged context through notifications, leading to arbitr ... oval:org.secpod.oval:def:16721 Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possib ... 
oval:org.secpod.oval:def:16722 Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote ... oval:org.secpod.oval:def:17806 Security researcher Ash reported an issue affecting the Mozilla Maintenance Service on Windows systems. The Mozilla Maintenance Service installer writes to a temporary directory created during the update process which is writable by users. If malicious DLL files are placed within this directory duri ... oval:org.secpod.oval:def:17805 Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least som ... oval:org.secpod.oval:def:17809 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a buffer overflow when a script uses a non-XBL object as an XBL object because the XBL status of the object is not properly validated. The resulting memory corruption is potent ... oval:org.secpod.oval:def:17808 Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a fixed offset out of bounds read issue while decoding specifically formatted JPG format images. This causes a non-exploitable crash. oval:org.secpod.oval:def:20597 Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.
oval:org.secpod.oval:def:20598 The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolong ... oval:org.secpod.oval:def:17182 vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service ... oval:org.secpod.oval:def:17181 TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (h ... oval:org.secpod.oval:def:17180 Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage co ... oval:org.secpod.oval:def:20589 Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger cer ... oval:org.secpod.oval:def:20596 Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event. 
oval:org.secpod.oval:def:20594 Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite ... oval:org.secpod.oval:def:20590 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. oval:org.secpod.oval:def:17163 Security researcher George Hotz, via TippingPoint's Pwn2Own contest, discovered an issue where values are copied from an array into a second, neutered array. This allows for an out-of-bounds write into memory, causing an exploitable crash leading to arbitrary code execution. oval:org.secpod.oval:def:17162 Security researcher Juri Aedla, via TippingPoint's Pwn2Own contest, reported that TypedArrayObject does not handle the case where ArrayBuffer objects are neutered, setting their length to zero while still in use. This leads to out-of-bounds reads and writes into the JavaScript heap, allowing for ... oval:org.secpod.oval:def:17161 Security research firm VUPEN, via TippingPoint's Pwn2Own contest, reported that memory pressure during Garbage Collection could lead to memory corruption of TypeObjects in the JS engine, resulting in an exploitable use-after-free condition. oval:org.secpod.oval:def:17160 Security researcher Mariusz Mlynski, via TippingPoint's Pwn2Own contest, reported that it is possible for untrusted web content to load a chrome-privileged page by getting JavaScript-implemented WebIDL to call window.open(). A second bug allowed the bypassing of the popup-blocker without user inte ...
oval:org.secpod.oval:def:17167 The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and appli ... oval:org.secpod.oval:def:17166 Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. oval:org.secpod.oval:def:17164 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ... oval:org.secpod.oval:def:21418 The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information ... oval:org.secpod.oval:def:17179 Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. oval:org.secpod.oval:def:21416 The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm. 
oval:org.secpod.oval:def:21413 The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are im ... oval:org.secpod.oval:def:21414 Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and la ... oval:org.secpod.oval:def:21411 Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization sty ... oval:org.secpod.oval:def:21412 The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bo ... oval:org.secpod.oval:def:17174 The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different d ... oval:org.secpod.oval:def:17178 The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. 
oval:org.secpod.oval:def:17177 Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF docu ... oval:org.secpod.oval:def:17176 The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash ... oval:org.secpod.oval:def:21419 content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations ... oval:org.secpod.oval:def:26339 The host is missing a critical security update according to Mozilla advisory, MFSA2015-83. The update is required to fix multiple overflow vulnerabilities. The flaws are present in the applications, which fail to properly handle an invalid size field in an esds chunk in MPEG-4 video data. Successful ... oval:org.secpod.oval:def:26345 The host is missing an important security update according to Mozilla advisory, MFSA2015-90. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to properly handle crafted data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:26344 The host is installed with Mozilla Firefox before 40.0, Thunderbird 38.0 before 38.2 or Firefox ESR 38.x before 38.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle crafted data. 
Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:26347 The host is installed with Mozilla Firefox before 40.0, Thunderbird 38.x before 38.2 or Firefox ESR 38.x before 38.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:26346 The host is installed with Mozilla Firefox before 40.0, Thunderbird 38.x before 38.2 or Firefox ESR 38.x before 38.2 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle crafted data. Successful exploitation could allow attackers to ha ... oval:org.secpod.oval:def:26349 The host is missing a critical security update according to Mozilla advisory, MFSA2015-89. The update is required to fix buffer overflow vulnerabilities. The flaws are present in the applications, which fail to properly handle malformed WebM video data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:26348 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to properly handle malformed WebM video data. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:26341 The host is missing an important security update according to Mozilla advisory, MFSA2015-92. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle a SharedWorker object that makes recursive calls to the open method of an X ... oval:org.secpod.oval:def:26340 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a use-after-free vulnerability.
A flaw is present in the applications, which fail to properly handle a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object ... oval:org.secpod.oval:def:26338 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle an invalid size field in an esds chunk in MPEG-4 video data. Successful exploitation c ... oval:org.secpod.oval:def:26356 The host is missing an important security update according to Mozilla advisory, MFSA2015-85. The update is required to fix an out-of-bounds write vulnerability. A flaw is present in the applications, which fail to properly handle a crafted name of a Mozilla Archive (aka MAR) file. Successful exploit ... oval:org.secpod.oval:def:26355 The host is installed with Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2 or Thunderbird 38.x before 38.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the applications, which fail to properly handle a crafted name of a Mozilla Archive (aka MAR) file. Successf ... oval:org.secpod.oval:def:26357 The host is installed with Mozilla Firefox before 40, Firefox ESR 38.x before 38.2 or Thunderbird 38.x before 38.2 and is prone to a race condition vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a hard link to a log file during an update. Succes ... oval:org.secpod.oval:def:26350 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle malformed WebM video data. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:26352 The host is missing a security update according to Mozilla advisory, MFSA2015-87.
The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuf ... oval:org.secpod.oval:def:26351 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer objec ... oval:org.secpod.oval:def:23589 The host is missing a security update according to Mozilla advisory, MFSA 2015-04. The update is required to fix a session-fixation vulnerability. A flaw is present in the applications, which do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Requ ... oval:org.secpod.oval:def:23593 The host is missing a security update according to Mozilla advisory, MFSA 2015-06. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle crafted track data. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:23592 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4 or SeaMonkey before 2.32 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle crafted track data. Successful exploitation allows attackers to execute arbitra ... oval:org.secpod.oval:def:23579 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4 or SeaMonkey before 2.32 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows ...
oval:org.secpod.oval:def:23588 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4 or SeaMonkey before 2.32 and is prone to a session-fixation vulnerability. A flaw is present in the applications, which do not properly interpret Set-Cookie headers within responses that hav ... oval:org.secpod.oval:def:23587 The host is missing a security update according to Mozilla advisory, MFSA 2015-03. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation allows attackers to bypass intended CORS access-co ... oval:org.secpod.oval:def:23586 The host is installed with Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4 or SeaMonkey before 2.32 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation allows attac ... oval:org.secpod.oval:def:23581 The host is missing a security update according to Mozilla advisory, MFSA 2015-01. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to cause a denial of ser ... oval:org.secpod.oval:def:22292 The host is missing a security update according to MFSA 2014-89. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to execute arbitrary code by leveraging an i ... oval:org.secpod.oval:def:22291 The host is installed with Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3 or SeaMonkey before 2.31 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle unknown vectors.
Successful exploitation allow ... oval:org.secpod.oval:def:22290 The host is missing a security update according to MFSA 2014-88. The update is required to fix a stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted media content. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:22289 The host is installed with Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3 or SeaMonkey before 2.31 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted media content. Successful exploita ... oval:org.secpod.oval:def:22288 The host is missing a security update according to MFSA 2014-87. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle the addition of a second root element to an HTML5 document during parsing. Successful exploitation allows attacker ... oval:org.secpod.oval:def:22287 The host is installed with Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3 or SeaMonkey before 2.31 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle the addition of a second root element to an HTML5 document ... oval:org.secpod.oval:def:22284 The host is missing a security update according to MFSA 2014-85. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to handle a crafted JavaScript object. Successful exploitation allows attackers to cause a denial of service (applicatio ... oval:org.secpod.oval:def:22283 The host is installed with Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3 or SeaMonkey before 2.31 and is prone to a denial of service vulnerability.
A flaw is present in the applications, which fail to handle a crafted JavaScript object. Successful exploitation a ... oval:org.secpod.oval:def:23969 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-28. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not properly handle vectors involving SVG hash navigation. Successful exploitation could allow at ... oval:org.secpod.oval:def:23968 The host is installed with Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3 or SeaMonkey before 2.33.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not properly handle vectors involving SVG hash navigation. Successful exploitation coul ... oval:org.secpod.oval:def:23967 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-29. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which do not properly determine the cases in which bounds checking may be safely skipped during ... oval:org.secpod.oval:def:23966 The host is installed with Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2 or SeaMonkey before 2.33.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which do not properly determine the cases in which bounds checking may be safely skipp ... oval:org.secpod.oval:def:24018 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to ca ... oval:org.secpod.oval:def:24020 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-30. The update is required to fix multiple unspecified vulnerabilities. 
The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to cause a de ... oval:org.secpod.oval:def:24012 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving anchor navigation. Successful exploitation could allow atta ... oval:org.secpod.oval:def:24013 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-40. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving anchor navigation. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:24014 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation could allow attackers to bypass i ... oval:org.secpod.oval:def:24015 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-37. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted web site. Successful exploitation could allow attackers to bypass intended ... oval:org.secpod.oval:def:24016 The host is installed with Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not properly restrict resource: URLs. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:24017 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-33. 
The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not properly restrict resource: URLs. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:24558 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-46. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to cause a de ... oval:org.secpod.oval:def:24559 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-48. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted SVG graphics data in conjunction with a crafted Cascading Style ... oval:org.secpod.oval:def:24562 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-51. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) ... oval:org.secpod.oval:def:24564 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-54. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a large amount of compressed XML data. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:25635 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle client-side JavaScript that triggers removal of a DOM object ... 
oval:org.secpod.oval:def:24547 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a large amount of compressed XML data. Successful exploitation could allow atta ... oval:org.secpod.oval:def:25636 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-63. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle client-side JavaScript that triggers removal of a DOM object on the basis of a Conten ... oval:org.secpod.oval:def:24548 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted SVG graphics data in conjunction with a crafted Cascading ... oval:org.secpod.oval:def:25637 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving attachment of an XMLHttpRequest object to a dedicated worker. Succes ... oval:org.secpod.oval:def:24549 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle a document containing crafted text in conjunction with a Cascading Style Sheets ... oval:org.secpod.oval:def:25638 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a security bypass vulnerability. 
A flaw is present in the applications, which do not enforce key pinning upon encountering an X.509 certificate problem th ... oval:org.secpod.oval:def:25639 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-67. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dial ... oval:org.secpod.oval:def:24550 The host is installed with Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7 or Thunderbird before 31.7 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to caus ... oval:org.secpod.oval:def:25640 The host is installed with Mozilla Firefox before 39.0 or Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which enable excessive privileges for internal Workers. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:25641 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-69. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which enable excessive privileges for internal Workers. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:25642 The host is installed with OpenSSL 1.0.1 before 1.0.1n or 1.0.2 before 1.0.2b, Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a logjam attack vulnerability. A flaw is present in the applications, which fail to ... oval:org.secpod.oval:def:25643 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-70. The update is required to fix a logjam attack vulnerability. 
A flaw is present in the applications, which fail to handle a weak key. Successful exploitation could allow man-in-the-middle (MITM) attackers to f ... oval:org.secpod.oval:def:25624 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-65. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving attachment of an XMLHttpRequest object to a shared worker. Successf ... oval:org.secpod.oval:def:25625 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow ... oval:org.secpod.oval:def:25627 The host is installed with Mozilla Firefox before 39.0 or Firefox ESR 38.x before 38.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted web site that is accessed with unspecified mouse and keyboard actions. Successful ex ... oval:org.secpod.oval:def:25628 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-60. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted web site that is accessed with unspecified mouse and keyboard act ... oval:org.secpod.oval:def:25629 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which misinterpret an unspecified IDBDatabase field as a pointer. Successful exploitation could a ... oval:org.secpod.oval:def:25630 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-61. 
The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which misinterpret an unspecified IDBDatabase field as a pointer. Successful exploitation could ... oval:org.secpod.oval:def:25631 The host is installed with Mozilla Firefox before 39.0 or Firefox ESR 38.x before 38.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which do not properly calculate an oscillator rendering range. Successful exploitation could allow attackers to obtai ... oval:org.secpod.oval:def:25632 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-62. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which do not properly calculate an oscillator rendering range. Successful exploitation could allow ... oval:org.secpod.oval:def:25633 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful ex ... oval:org.secpod.oval:def:25634 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-64. The update is required to fix an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful e ... oval:org.secpod.oval:def:25613 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to multiple vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could ... 
oval:org.secpod.oval:def:25614 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-59. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to cause deni ... oval:org.secpod.oval:def:25615 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which read data from uninitialized memory locations. Successful exp ... oval:org.secpod.oval:def:25616 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-66. The update is required to fix unspecified vulnerabilities. The flaws are present in the applications, which read data from uninitialized memory locations. Successful exploitation could allow attackers to caus ... oval:org.secpod.oval:def:25617 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which access unintended memory locations. Successful exploitation c ... oval:org.secpod.oval:def:25618 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which access unintended memory locations. Successful exploitation c ... oval:org.secpod.oval:def:25619 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which read data from uninitialized memory locations. 
Successful exp ... oval:org.secpod.oval:def:25620 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which read data from uninitialized memory locations. Successful exp ... oval:org.secpod.oval:def:25621 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to an unspecified vulnerability. A flaw is present in the applications, which access unintended memory locations. Successful exploitation c ... oval:org.secpod.oval:def:25622 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation co ... oval:org.secpod.oval:def:25623 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors involving attachment of an XMLHttpRequest object to a shared worker. Successfu ... oval:org.secpod.oval:def:23629 The host is missing an important security update according to Mozilla advisory, MFSA-2015-12. The update is required to fix multiple untrusted search path vulnerabilities. The flaws are present in the applications, which fail to properly handle a Trojan horse DLL. Successful exploitation could allow at ... oval:org.secpod.oval:def:23628 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to multiple untrusted search path vulnerabilities. 
The flaws are present in the applications, which fail to properly handle a Trojan horse DLL. Successful exploitation could ... oval:org.secpod.oval:def:23627 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-11. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:23625 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:25611 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8, 38.x before 38.1, Thunderbird before 31.8 or 38.x before 38.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which do not properly determine state transitions for the TLS st ... oval:org.secpod.oval:def:25612 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-71. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which do not properly determine state transitions for the TLS state machine. Successful exploitation could ... oval:org.secpod.oval:def:23653 The host is missing an important security update according to Mozilla advisory, MFSA-2015-24. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code. Successful exploitation could allow atta ... 
oval:org.secpod.oval:def:23652 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code. Successful exploitation could allo ... oval:org.secpod.oval:def:23637 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-16. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle crafted content during IndexedDB index creation. Successful exploitation co ... oval:org.secpod.oval:def:23636 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle crafted content during IndexedDB index creation. Successful exploit ... oval:org.secpod.oval:def:23643 The host is missing a security update according to Mozilla advisory, MFSA-2015-19. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a malformed SVG graphic. Successful exploitation could allow attackers di ... oval:org.secpod.oval:def:23642 The host is installed with Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a malformed SVG graphic. Successful exploitation could a ... oval:org.secpod.oval:def:27036 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a security bypass vulnerability. 
A flaw is present in the applications, which fail to properly handle crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX e ... oval:org.secpod.oval:def:27035 The host is missing an important security update according to Mozilla advisory, MFSA 2015-111. The update is required to fix a CORS preflight protection mechanism bypass vulnerability. A flaw is present in the applications, which fail to properly handle duplicate cache-key generation or retrieval of ... oval:org.secpod.oval:def:27038 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27037 The host is missing a security update according to Mozilla advisory, MFSA 2015-110. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code that executes after a drag-and-drop action of an image into ... oval:org.secpod.oval:def:27030 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27032 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27031 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. 
A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27034 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a CORS preflight protection mechanism bypass vulnerability. A flaw is present in the applications, which fail to properly handle duplicate cache-key generation or retrieval of a value from an incor ... oval:org.secpod.oval:def:27033 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27025 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle crafted (1) OpenGL or (2) WebGL content. Successful exploitation could allow attackers to exe ... oval:org.secpod.oval:def:27024 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a buffer overflow and application crash vulnerability. A flaw is present in the applications, which incorrectly allocate memory for shader attribute arrays. Successful exploitation could allow atta ... oval:org.secpod.oval:def:27027 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:27026 The host is missing a critical security update according to Mozilla advisory, MFSA 2015-113. 
The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which incorrectly allocate memory for shader attribute arrays. Successful exploitation cou ... oval:org.secpod.oval:def:27029 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle an incorrect argument to the sscanf function. Successful exploitation could allow a ... oval:org.secpod.oval:def:27028 The host is missing an important security update according to Mozilla advisory, MFSA 2015-112. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attac ... oval:org.secpod.oval:def:27021 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which misinterpret the return value of a function call. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:31571 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to an unspecified vulnerability. A flaw is present in the applications, which fail to properly handle vectors related to a cryptographic key. Successful exploitation could allow attackers to have an u ... oval:org.secpod.oval:def:31572 The host is missing a critical security update according to Mozilla advisory, MFSA2015-131. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle vectors related to a cryptographic key. Successful exploitation could allow att ... 
oval:org.secpod.oval:def:31573 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle a crafted SVG document. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:31574 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle crafted texture data. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27063 The host is missing a security update according to Mozilla advisory, MFSA 2015-96. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the application, which fails to properly handle unknown vectors. Successful exploitation could allow attackers to crash the ... oval:org.secpod.oval:def:27062 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:27052 The host is missing a security update according to Mozilla advisory, MFSA 2015-101. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted VP9 file. Successful exploitation could allow attackers to execute arbitra ... oval:org.secpod.oval:def:27051 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted VP9 file. Successful exploitation could allow attackers to execute arbitrary code. 
oval:org.secpod.oval:def:27054 The host is missing an important security update according to Mozilla advisory, MFSA 2015-100. The update is required to fix an arbitrary file write vulnerability. A flaw is present in the applications, which fail to properly handle a junction attack and waiting for an update operation. Successful e ... oval:org.secpod.oval:def:27053 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to an arbitrary file write vulnerability. A flaw is present in the applications, which fail to properly handle a junction attack and waiting for an update operation. Successful exploitation could allo ... oval:org.secpod.oval:def:27041 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted header in a WebM video. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:27043 The host is installed with Mozilla Firefox before 41.0 or Firefox ESR 38.x before 38.3 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code that modifies the URI table of a media element. Successful exploitation ... oval:org.secpod.oval:def:27042 The host is missing an important security update according to Mozilla advisory, MFSA 2015-105. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted header in a WebM video. Successful exploitation coul ... oval:org.secpod.oval:def:27044 The host is missing a critical security update according to Mozilla advisory, MFSA 2015-106. The update is required to fix a use-after-free vulnerability. 
A flaw is present in the applications, which fail to properly handle crafted JavaScript code that modifies the URI table of a media element. Suc ... oval:org.secpod.oval:def:26365 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to properly handle inconsistent sample formats within MP3 audio data. Successful exploitation allows remote at ... oval:org.secpod.oval:def:26367 The host is installed with Mozilla Firefox before 40.0, Thunderbird 38.x before 38.2 or Firefox ESR 38.x before 38.2 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation allows remote a ... oval:org.secpod.oval:def:26366 The host is missing an important security update according to Mozilla advisory, MFSA2015-80. The update is required to fix an out-of-bounds read vulnerability. A flaw is present in the applications, which fail to properly handle inconsistent sample formats within MP3 audio data. Successful exploitat ... oval:org.secpod.oval:def:26369 The host is missing a critical security update according to Mozilla advisory, MFSA2015-79. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:26361 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly impose certain ECMAScript 6 requirements on JavaScript object properties. Successful exploit ... 
oval:org.secpod.oval:def:26360 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to multiple integer overflows vulnerability. The flaws are present in the applications, which fail to properly handle a crafted saio chunk in MPEG-4 video data. Successful exploitation allows remote a ... oval:org.secpod.oval:def:26362 The host is missing an important security update according to Mozilla advisory, MFSA2015-82. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly impose certain ECMAScript 6 requirements on JavaScript object properties ... oval:org.secpod.oval:def:26358 The host is missing an important security update according to Mozilla advisory, MFSA2015-84. The update is required to fix a race condition vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a hard link to a log file during an update. Successful exp ... oval:org.secpod.oval:def:26359 The host is installed with Mozilla Firefox before 40.0 or Firefox ESR 38.x before 38.2 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to properly handle crafted MPEG-4 video data with H.264 encoding. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:31593 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle crafted OCTET STRING data. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:31594 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle crafted OCTET STRING data. 
Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:31591 The host is missing a critical security update according to Mozilla advisory, MFSA2015-133. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow atta ... oval:org.secpod.oval:def:31592 The host is installed with Oracle VM VirtualBox 4.0.x before 4.0.36, 4.1.x before 4.1.44, 4.2.x before 4.2.36, 4.3.x before 4.3.34 or 5.0.x before 5.0.10, Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a memory corruption vulnerability. A flaw is present in the applicati ... oval:org.secpod.oval:def:31586 The host is missing an important security update according to Mozilla advisory, MFSA2015-123. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a CANVAS element and crafted JavaScript code. ... oval:org.secpod.oval:def:31587 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle whitespace characters in an IP address string. Successful exploitation could allow remote ... oval:org.secpod.oval:def:31588 The host is missing a security update according to Mozilla advisory, MFSA2015-122. The update is required to fix a cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle whitespace characters in an IP address string. Successful exploitation could all ... oval:org.secpod.oval:def:31582 The host is missing an important security update according to Mozilla advisory, MFSA2015-128. The update is required to fix a buffer underflow vulnerability. 
A flaw is present in the applications, which fail to properly handle a crafted ZIP archive. Successful exploitation could allow attackers to c ... oval:org.secpod.oval:def:31583 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly follow the CORS cross-origin request algorithm for the POST method in situations involving a ... oval:org.secpod.oval:def:31584 The host is missing an important security update according to Mozilla advisory, MFSA2015-127. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly follow the CORS cross-origin request algorithm for the POST method in s ... oval:org.secpod.oval:def:31585 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle vectors involving a CANVAS element and crafted JavaScript code. Successful exploitat ... oval:org.secpod.oval:def:31581 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a buffer underflow vulnerability. A flaw is present in the applications, which fail to properly handle a crafted ZIP archive. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:31575 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a mixed-content restriction bypass vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code. Successful exploitation could allow attackers to bypa ... oval:org.secpod.oval:def:31576 The host is missing a security update according to Mozilla advisory, MFSA2015-132. 
The update is required to fix a mixed-content restriction bypass vulnerability. A flaw is present in the applications, which fail to properly handle crafted JavaScript code. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:31577 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle a crafted Java applet. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:31578 The host is missing an important security update according to Mozilla advisory, MFSA2015-130. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to properly handle a crafted Java applet. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:31601 The host is missing a critical security update according to Mozilla advisory, MFSA2015-116. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:31600 The host is installed with Mozilla Firefox before 42.0 or Firefox ESR 38.x before 38.4 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to properly handle unknown vectors. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:30732 The host is installed with Mozilla Firefox before 40.0.3 or Firefox ESR 38.x before 38.2.1 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted data: URL. Successful exploitation could allow attackers to bypass an intended user-confir ... 
oval:org.secpod.oval:def:30733 The host is missing an important security update according to Mozilla advisory, MFSA2015-78. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving crafted JavaScript code and a native setter. Successful ... oval:org.secpod.oval:def:30734 The host is missing an important security update according to Mozilla advisory, MFSA2015-94. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:30735 The host is missing an important security update according to Mozilla advisory, MFSA2015-95. The update is required to fix a security bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted data: URL. Successful exploitation could allow attackers to bypass an inte ... oval:org.secpod.oval:def:30730 The host is installed with Mozilla Firefox before 39.0.3 or Firefox ESR 38.x before 38.1.1 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle vectors involving crafted JavaScript code and a native setter. Successful exploitation cou ... oval:org.secpod.oval:def:30731 The host is installed with Mozilla Firefox before 40.0.3 or Firefox ESR 38.x before 38.2.1 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute arbitrary code by leveragi ... oval:org.secpod.oval:def:48211 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. 
This leads to a possible out-of-bounds ... oval:org.secpod.oval:def:62410 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7.0 : On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary c ... oval:org.secpod.oval:def:9702 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-16. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle crafted web content. Successful exploitation allows remote attackers to execute arbitrar ... oval:org.secpod.oval:def:9701 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-17. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors that involve the triggering of garbage collection after memory allocation for li ... oval:org.secpod.oval:def:9703 The host is missing a security update according to Mozilla advisory, MFSA 2013-13. The update is required to fix memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted XBL file with multiple bindings that have SVG content. Successful exploitation allow ... oval:org.secpod.oval:def:9700 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-18. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to the domDoc pointer. Successful exploitation allows remote attackers t ... oval:org.secpod.oval:def:9709 The host is missing a security update according to Mozilla advisory, MFSA 2013-10. The update is required to fix same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly enforce the Same Origin Policy. 
Successful exploitation allows remote attackers to c ... oval:org.secpod.oval:def:9706 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-05. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle an HTML document with a table containing many columns and column groups. Successful expl ... oval:org.secpod.oval:def:9705 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-12. The update is required to fix Integer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted string concatenation, leading to improper memory allocation. Successful expl ... oval:org.secpod.oval:def:9708 The host is missing a security update according to Mozilla advisory, MFSA 2013-09. The update is required to fix denial of service vulnerability. A flaw is present in the applications, which fail to properly implement quickstubs that use the jsval data type for their return values. Successful exploi ... oval:org.secpod.oval:def:9707 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-08. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to properly interact with garbage collection. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:9710 The host is missing a security update according to Mozilla advisory, MFSA 2013-11. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to prevent calling the toString function of an XBL object. Successful exploitation allows remote at ... 
oval:org.secpod.oval:def:9669 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to denial of service vulnerability. A flaw is present in the app ... oval:org.secpod.oval:def:9668 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to multiple unspecified vulnerabilities. The flaws are present i ... oval:org.secpod.oval:def:9665 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle an HTM ... oval:org.secpod.oval:def:9666 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a craft ... oval:org.secpod.oval:def:9698 The host is missing a security update according to Mozilla advisory, MFSA 2013-14. The update is required to fix arbitrary code execution vulnerability. A flaw is present in the applications, which fail to prevent modifications to the prototype of an object. Successful exploitation allows remote att ... oval:org.secpod.oval:def:9697 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-15. The update is required to fix privilege escalation vulnerability. A flaw is present in the applications, which fail to handle improper interaction between plugin objects and SVG elements. 
Successful exploitat ... oval:org.secpod.oval:def:9699 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-19. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted web page referencing JavaScript Proxy objects that are not properly handled du ... oval:org.secpod.oval:def:9694 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-03. The update is required to fix stack-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle an HTML document that specifies invalid width and height values. Successfu ... oval:org.secpod.oval:def:9693 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-01. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors and memory. Successful exploitation allows attackers to execute arbitra ... oval:org.secpod.oval:def:9696 The host is missing a security update according to Mozilla advisory, MFSA 2013-04. The update is required to fix URL spoofing vulnerability. A flaw is present in the applications, which fail to handle vectors involving authentication information in the userinfo field of a URL. Successful exploitatio ... oval:org.secpod.oval:def:9695 The host is missing a security update according to Mozilla advisory, MFSA 2013-07. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to ensure thread safety for SSL sessions. Successful exploitation allows remote attackers to execute ... oval:org.secpod.oval:def:9690 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to remote code execution vulnerability. 
A flaw is present in the applications, which fail to properly interact w ... oval:org.secpod.oval:def:9692 The host is missing a critical security update according to Mozilla advisory, MFSA 2013-02. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors and memory. Successful exploitation allows attackers to execute arbitrar ... oval:org.secpod.oval:def:9691 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9679 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted web page ... oval:org.secpod.oval:def:9676 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to URL spoofing vulnerability. A flaw is present in the applicat ... oval:org.secpod.oval:def:9678 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to arbitrary code execution vulnerability. A flaw is present in the applications, which fail to prevent modifica ... 
oval:org.secpod.oval:def:9677 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to privilege escalation vulnerability. A flaw is present in the ... oval:org.secpod.oval:def:9672 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to ... oval:org.secpod.oval:def:9671 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to ensure thread safet ... oval:org.secpod.oval:def:9674 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle some unspecified ve ... oval:org.secpod.oval:def:9673 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9670 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. 
A flaw is present in the applic ... oval:org.secpod.oval:def:9687 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to information disclosure vulnerability. A flaw is present in th ... oval:org.secpod.oval:def:9686 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1 or SeaMonkey before 2.15 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle some un ... oval:org.secpod.oval:def:9689 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to denial of service vulnerability. A flaw is present in the app ... oval:org.secpod.oval:def:9688 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to properly enforc ... oval:org.secpod.oval:def:9683 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted XBL fi ... 
oval:org.secpod.oval:def:9682 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9685 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to Integer overflow vulnerability. A flaw is present in the appl ... oval:org.secpod.oval:def:9681 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applic ... oval:org.secpod.oval:def:9680 The host is installed with Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2 or SeaMonkey before 2.15 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to ... oval:org.secpod.oval:def:9911 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to information disclosure vulnerability. A flaw is present in the applications, which fail to prevent modificati ... oval:org.secpod.oval:def:9910 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 and SeaMonkey before 2.16 and is prone to information disclosure vulnerability. 
A flaw is present in the applications, which fail to prevent JavaScrip ... oval:org.secpod.oval:def:9919 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to multiple memory safety vulnerabilities. The flaws are present in the applications, which fail to handle certa ... oval:org.secpod.oval:def:9914 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to handle the nsS ... oval:org.secpod.oval:def:9916 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle a crafted document ... oval:org.secpod.oval:def:9922 The host is missing a security update according to Mozilla advisory, MFSA 2013-28. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain functions. Successful exploitation allows remote attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:9921 The host is missing a security update according to Mozilla advisory, MFSA 2013-21. The update is required to fix multiple memory safety vulnerabilities. The flaws are present in the applications, which fail to handle certain unspecified vectors. Successful exploitation allows remote attackers to cau ... oval:org.secpod.oval:def:9926 The host is missing a security update according to Mozilla advisory, MFSA 2013-25. The update is required to fix information disclosure vulnerability. 
A flaw is present in the applications, which fail to prevent JavaScript workers from reading the browser-profile directory name. Successful exploitat ... oval:org.secpod.oval:def:9925 The host is missing a security update according to Mozilla advisory, MFSA 2013-24. The update is required to fix information disclosure vulnerability. A flaw is present in the applications, which fail to prevent modifications to a prototype. Successful exploitation allows remote attackers to obtain ... oval:org.secpod.oval:def:9928 The host is missing a security update according to Mozilla advisory, MFSA 2013-27. The update is required to fix address spoofing vulnerability. A flaw is present in the applications, which fail to handle a proxy server that provides a 407 HTTP status code accompanied by web script. Successful explo ... oval:org.secpod.oval:def:9927 The host is missing a security update according to Mozilla advisory, MFSA 2013-26. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle the nsImageLoadingContent::OnStopContainer function. Successful exploitation allows remote at ... oval:org.secpod.oval:def:9908 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 and SeaMonkey before 2.16 and is prone to address spoofing vulnerability. A flaw is present in the applications, which fail to handle a proxy server t ... oval:org.secpod.oval:def:9909 The host is installed with Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3 or SeaMonkey before 2.16 and is prone to use-after-free vulnerability. A flaw is present in the applications, which fail to handle the nsImageLoad ... oval:org.secpod.oval:def:32421 The host is missing an important security update according to Mozilla advisory, MFSA2015-145. 
The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted WebRTC RTP packet. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:32417 The host is missing a critical security update according to Mozilla advisory, MFSA2015-149. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle data: and view-source: URIs. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:32419 The host is missing an important security update according to Mozilla advisory, MFSA2015-147. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle MP4 video file with crafted covr metadata that triggers a buffer overflow ... oval:org.secpod.oval:def:32450 The host is installed with Mozilla Firefox before 43.0 or Firefox ESR 38.x before 38.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle MP4 video file with crafted covr metadata that triggers a buffer overflow. Successful exploita ... oval:org.secpod.oval:def:32441 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle large texture allocation. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:32443 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to a same origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle data: and view-source: URIs. Successful exploitation allows remo ... 
oval:org.secpod.oval:def:32439 The host is installed with Mozilla Firefox before 43.0 or Firefox ESR 38.x before 38.5 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle data channel that has been closed by a WebRTC function. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:32433 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:32436 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted WebRTC RTP packet. Successful exploitation allows remote ... oval:org.secpod.oval:def:32432 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.5 or Thunderbird 38.x before 38.5 and is prone to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:32431 The host is missing a security update according to Mozilla advisory, MFSA2015-134. The update is required to fix multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation could allow remote attackers to cause a den ... oval:org.secpod.oval:def:32427 The host is missing a security update according to Mozilla advisory, MFSA2015-138. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle data channel that has been closed by a WebRTC function. 
Successful exploitation allows remote a ... oval:org.secpod.oval:def:32426 The host is missing a security update according to Mozilla advisory, MFSA2015-139. The update is required to fix an integer overflow vulnerability. A flaw is present in the applications, which fail to handle large texture allocation. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:32965 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.6.1 or Mozilla Thunderbird before 38.6 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation allows remot ... oval:org.secpod.oval:def:32962 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.6.1 or Mozilla Thunderbird before 38.6 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation allows ... oval:org.secpod.oval:def:32964 The host is missing an important security update according to Mozilla advisory, MFSA2016-14. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted graphite smart font. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:32963 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.6.1 or Mozilla Thunderbird before 38.6 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation allo ... oval:org.secpod.oval:def:32959 The host is installed with Mozilla Firefox before 43.0, Firefox ESR 38.x before 38.6.1 or Thunderbird 38.x before 38.6 and is prone to an information disclosure vulnerability. 
A flaw is present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation allows re ... oval:org.secpod.oval:def:32768 The host is missing a critical security update according to Mozilla advisory, MFSA2016-03. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:32767 The host is installed with Mozilla Firefox before 44.0, Firefox ESR 38.x before 38.6 or Mozilla Thunderbird before 38.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation allows remote attackers to caus ... oval:org.secpod.oval:def:32764 The host is missing a critical security update according to Mozilla advisory, MFSA2016-01. The update is required to fix multiple vulnerabilities. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation allows remote attackers to cause a denial of service (m ... oval:org.secpod.oval:def:32762 The host is installed with Mozilla Firefox before 44.0, Firefox ESR 38.x before 38.6 or Mozilla Thunderbird 38.x before 38.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:24274 The host is installed with Microsoft IE 11, Edge, Mozilla Firefox before 44.0 or Google Chrome before 48.0.2564.82 and is prone to a bar mitzvah attack vulnerability. A flaw is present in the RC4 algorithm, which does not properly combine state data with key data during the initialization phase. Suc ... 
oval:org.secpod.oval:def:33416 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the CachedCmap.cpp in Graphite, which fails to handle a crafted graphite smart font. Successful exploit ...
oval:org.secpod.oval:def:33413 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the graphite2::vm::Machine::Code::Code function in Graphite, which fails to handle a crafted g ...
oval:org.secpod.oval:def:32565 The host is installed with Mozilla Firefox before 43.0.2 or Firefox ESR 38.x before 38.5.2, Mozilla Thunderbird 38.x before 38.6, Oracle Java SE through 6u105, through 7u91 or through 8u66 and is prone to a server spoofing vulnerability. A flaw is present in the applications, which fail to handle MD ...
oval:org.secpod.oval:def:33412 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite, which fails to handle a crafted grap ...
oval:org.secpod.oval:def:33415 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite, which fails to handle a craft ...
oval:org.secpod.oval:def:33414 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::FileFace::get_table_fn function in Graphite, which fails to handle a crafted graphite sm ...
oval:org.secpod.oval:def:32564 The host is missing an important security update according to Mozilla advisory, MFSA2015-150. The update is required to fix a server spoofing vulnerability. A flaw is present in the applications, which fail to handle MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffi ...
oval:org.secpod.oval:def:33411 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::GlyphCache::Loader::Loader function in Graphite, which fails to handle a crafted graphit ...
oval:org.secpod.oval:def:33410 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the graphite2::Slot::setAttr function in Graphite, which fails to handle a crafted graphite sm ...
oval:org.secpod.oval:def:33408 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite, which fails ...
oval:org.secpod.oval:def:33407 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite, which fails to handle a crafte ...
oval:org.secpod.oval:def:33409 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::Slot::getAttr function in Slot.cpp in Graphite, which fails to handle a crafted ...
oval:org.secpod.oval:def:38134 The host is installed with Mozilla Firefox before 50.0.2, Firefox ESR before 45.5.1 or Thunderbird 45.x before 45.5.1 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute ...
oval:org.secpod.oval:def:38135 The host is missing a critical security update according to Mozilla advisory, MFSA2016-92. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation could allow attackers to execute remote code.
oval:org.secpod.oval:def:34192 The host is installed with Mozilla Firefox ESR 38.x before 38.8 or 45.x before 45.1, Mozilla Thunderbird 38.x before 38.8 or 45.0 or Firefox before 46.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploita ...
oval:org.secpod.oval:def:34193 The host is missing an important security update according to Mozilla advisory, MFSA2016-39. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to e ...
oval:org.secpod.oval:def:34190 The host is installed with Mozilla Firefox before 46.0, Firefox ESR 45.x before 45.1 or 38.x before 38.8 or Thunderbird 45.0 or 38.x before 38.8 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation all ...
oval:org.secpod.oval:def:34198 The host is missing an important security update according to Mozilla advisory, MFSA2016-44. The update is required to fix a heap buffer overflow vulnerability. A flaw is present in the libstagefright library, which fails to handle CENC offsets and the sizes table. Successful exploitation allows rem ...
oval:org.secpod.oval:def:34197 The host is installed with Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8 or 45.x before 45.1 and is prone to a heap buffer overflow vulnerability. A flaw is present in the libstagefright library, which fails to handle CENC offsets and the sizes table. Successful exploitation allows remot ...
oval:org.secpod.oval:def:34188 The host is installed with Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, 45.x before 45.1 or Mozilla Thunderbird 38.x before 38.8 or 45.0 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitati ...
oval:org.secpod.oval:def:36593 The host is missing an important security update according to Mozilla advisory, MFSA2016-77. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a malformed video file due to incorrect error handling. Successful exploitation allows ...
oval:org.secpod.oval:def:36592 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a malformed video file due to incorrect error handling. Successful exploitation allows remote attackers to exec ...
oval:org.secpod.oval:def:36591 The host is missing an important security update according to Mozilla advisory, MFSA2016-76. The update is required to fix a cross-site scripting vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to execute scr ...
oval:org.secpod.oval:def:36590 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to execute scripts on marquee tag in sa ...
oval:org.secpod.oval:def:36599 The host is missing an important security update according to Mozilla advisory, MFSA2016-80. The update is required to fix a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle a local HTML file and saved shortcut file. Successful exploitation allows ...
oval:org.secpod.oval:def:36598 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle a local HTML file and saved shortcut file. Successful exploitation allows remote attackers to bypas ...
oval:org.secpod.oval:def:36597 The host is missing an important security update according to Mozilla advisory, MFSA2016-79. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash the servic ...
oval:org.secpod.oval:def:36596 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash the service.
oval:org.secpod.oval:def:36595 The host is missing an important security update according to Mozilla advisory, MFSA2016-78. The update is required to fix a type confusion vulnerability. A flaw is present in the applications, which fail to properly check bounds. Successful exploitation allows remote attackers to crash the service.
oval:org.secpod.oval:def:36594 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a type confusion vulnerability. A flaw is present in the applications, which fail to properly check bounds. Successful exploitation allows remote attackers to crash the service.
oval:org.secpod.oval:def:37273 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly manipulate SVG format content through script. Successful exploitation allows ...
oval:org.secpod.oval:def:37272 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly manage changing text direction. Successful exploitation allows remote attacke ...
oval:org.secpod.oval:def:37270 The host is installed with Mozilla Firefox before 49.0 or Firefox ESR before 45.4 and is prone to a heap-buffer-overflow vulnerability. A flaw is present in the applications, which fail to properly encode image frames to images. Successful exploitation allows remote attackers to crash the service.
oval:org.secpod.oval:def:37279 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation allows remote attackers to exe ...
oval:org.secpod.oval:def:37276 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a malicious add-on injection vulnerability. A flaw is present in the applications, which fail to properly handle a mis-issued certificate for a Mozilla web site. Successful e ...
oval:org.secpod.oval:def:37263 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the applications, which fail to properly handle text conversion with some unicode characters. Successful ex ...
oval:org.secpod.oval:def:37269 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a heap-use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle web animations when destroying a timeline. Successful exploitation ...
oval:org.secpod.oval:def:37268 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle web animations. Successful exploitation allows remote attackers to exe ...
oval:org.secpod.oval:def:37267 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a heap-use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle an attribute. Successful exploitation allows remote attackers to e ...
oval:org.secpod.oval:def:37265 The host is installed with Mozilla Firefox before 49.0, Firefox ESR before 45.4 or Thunderbird 45.x before 45.4 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to cast layout with input elements. Successful exploitation allows remote attackers to ...
oval:org.secpod.oval:def:34204 The host is missing an important security update according to Mozilla advisory, MFSA2016-47. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the JavaScript .watch() method, which can be used to overflow the 32-bit generation count of the underlying HashM ...
oval:org.secpod.oval:def:34203 The host is installed with Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8 or 45.x before 45.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the JavaScript .watch() method, which can be used to overflow the 32-bit generation count of the underlying HashMap ...
oval:org.secpod.oval:def:34961 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR before 45.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause out-of-bounds write or crash th ...
oval:org.secpod.oval:def:34962 The host is missing an important security update according to Mozilla advisory, MFSA2016-52. The update is required to fix an addressbar spoofing vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to mask the tru ...
oval:org.secpod.oval:def:34960 The host is missing an important security update according to Mozilla advisory, MFSA2016-53. The update is required to fix an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause out-of ...
oval:org.secpod.oval:def:34956 The host is missing a security update according to Mozilla advisory, MFSA2016-55. The update is required to fix a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to use Mozilla Windows upd ...
oval:org.secpod.oval:def:34957 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR before 45.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to use Mozilla Windows updater and overw ...
oval:org.secpod.oval:def:34954 The host is missing an important security update according to Mozilla advisory, MFSA2016-56. The update is required to fix a use-after-free vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause potentially ...
oval:org.secpod.oval:def:34955 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR before 45.2 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause potentially exploitable crash when t ...
oval:org.secpod.oval:def:34950 The host is missing an important security update according to Mozilla advisory, MFSA2016-58. The update is required to fix a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to escalate per ...
oval:org.secpod.oval:def:34951 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR before 45.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to escalate permissions, spoofing and cl ...
oval:org.secpod.oval:def:38056 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle large amounts of incoming data. Successful exploitation allows remote attacke ...
oval:org.secpod.oval:def:38055 The host is installed with Mozilla Firefox before 50.0 or Firefox ESR before 45.5 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the applications, which fail to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. Successful ...
oval:org.secpod.oval:def:38054 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle argument length checking in JavaScript. Successful exploitation allows remote ...
oval:org.secpod.oval:def:38053 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an unspecified vulnerability. A flaw is present in the applications, which fail to handle an unknown vector. Successful exploitation allows attackers to choose an arbitrary ...
oval:org.secpod.oval:def:38052 The host is installed with Mozilla Firefox before 50.0 or Firefox ESR before 45.5 and is prone to an arbitrary local file write vulnerability. A flaw is present in the applications, which fail to handle the case where the Updater's log file in the working directory points to a hardlink. Successful exploitation allows ...
oval:org.secpod.oval:def:38051 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a heap-buffer-overflow vulnerability. A flaw is present in the applications, which fail to properly process SVG content. Successful exploitation allows remote attackers to ...
oval:org.secpod.oval:def:38059 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to run ...
oval:org.secpod.oval:def:38058 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an unspecified vulnerability. A flaw is present in the applications because an existing mitigation of timing side-channel attacks is insufficient in some circumstan ...
oval:org.secpod.oval:def:38057 The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle a local HTML file and saved shortcut file. Successful exploitation allo ...
oval:org.secpod.oval:def:38432 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Mozilla Thunderbird 45.x before 45.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle unknown vectors. Successful exploitation allows remote attac ...
oval:org.secpod.oval:def:38433 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a content security policy (CSP) bypass vulnerability. A flaw is present in the applications, which fail to properly handle event handlers on marquee tag. Successful exploitation ...
oval:org.secpod.oval:def:38434 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Mozilla Thunderbird before 45.6 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle a vector constructor with a varying array within libGLES. Success ...
oval:org.secpod.oval:def:36582 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle DTLS objects in memory that are freed while still actively in use during WebRTC session shutdown. Successful ...
oval:org.secpod.oval:def:36585 The host is missing an important security update according to Mozilla advisory, MFSA2016-73. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle a nested sync event. Successful exploitation allows remote attackers to crash the se ...
oval:org.secpod.oval:def:36584 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle a nested sync event. Successful exploitation allows remote attackers to crash the service.
oval:org.secpod.oval:def:36583 The host is missing an important security update according to Mozilla advisory, MFSA2016-72. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle DTLS objects in memory that are freed while still actively in use during WebRTC sess ...
oval:org.secpod.oval:def:36579 The host is missing an important security update according to Mozilla advisory, MFSA2016-70. The update is required to fix a use-after-free vulnerability. A flaw is present in the application, which fails to handle alt key used in conjunction with toplevel menu items. Successful exploitation allows ...
oval:org.secpod.oval:def:36578 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to handle alt key used in conjunction with toplevel menu items. Successful exploitation allows remote attackers to cras ...
oval:org.secpod.oval:def:36573 The host is missing an important security update according to Mozilla advisory, MFSA2016-67. The update is required to fix a stack underflow vulnerability. A flaw is present in the application, which improperly calculates clipping regions in 2D graphics. Successful exploitation allows remote attacke ...
oval:org.secpod.oval:def:36572 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a stack underflow vulnerability. A flaw is present in the applications, which improperly calculate clipping regions in 2D graphics. Successful exploitation allows remote attackers to crash the service.
oval:org.secpod.oval:def:36569 The host is missing an important security update according to Mozilla advisory, MFSA2016-64. The update is required to fix a buffer overflow vulnerability. A flaw is present in the applications, which improperly render SVG format graphics with directional content. Successful exploitation allows remo ...
oval:org.secpod.oval:def:36568 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to a buffer overflow vulnerability. A flaw is present in the applications, which improperly render SVG format graphics with directional content. Successful exploitation allows remote attackers to crash the ...
oval:org.secpod.oval:def:36567 The host is missing an important security update according to Mozilla advisory, MFSA2016-63. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to disclose ...
oval:org.secpod.oval:def:36566 The host is installed with Mozilla Firefox before 48.0 or Firefox ESR before 45.3 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to disclose information, such as tra ...
oval:org.secpod.oval:def:36565 The host is missing an important security update according to Mozilla advisory, MFSA2016-62. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to e ... oval:org.secpod.oval:def:36564 The host is installed with Mozilla Firefox before 48.0, Firefox ESR before 45.3 or Mozilla Thunderbird 45.x before 45.3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to r ... oval:org.secpod.oval:def:33430 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.6.1 and is prone to a denial of service vulnerability. A flaw is present in the setAttr in Mozilla Firefox, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause a denial of ... oval:org.secpod.oval:def:33433 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox, which fails ... oval:org.secpod.oval:def:33425 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the nsScannerString::AppendUnicodeTo function in Mozilla Firefox, which fails to handle a crafted Unico ... oval:org.secpod.oval:def:33422 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. 
A flaw is present in the Machine::Code::decoder::analysis::set_ref function in Graphite, which fails to handle a crafted gra ... oval:org.secpod.oval:def:33417 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::Slot::getAttr function in Slot.cpp in Graphite, which fails to handle a crafted graphite ... oval:org.secpod.oval:def:33419 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::TtfUtil::GetTableInfo function in Graphite, which fails to handle a crafted graphite sma ... oval:org.secpod.oval:def:33418 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the graphite2::GlyphCache::glyph function in Graphite, which fails to handle a crafted graphite smart f ... oval:org.secpod.oval:def:34969 The host is installed with Mozilla Firefox before 47.0, Firefox ESR before 45.2.2 or Mozilla Thunderbird 45.x before 45.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:34967 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR before 45.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:34968 The host is missing a critical security update according to Mozilla advisory, MFSA2016-49. The update is required to fix multiple memory corruption vulnerabilities. 
The flaws are present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to run ... oval:org.secpod.oval:def:34965 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR before 45.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:34966 The host is missing a critical security update according to Mozilla advisory, MFSA2016-50. The update is required to fix a buffer overflow vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:34963 The host is installed with Mozilla Firefox before 47.0 or Firefox ESR before 45.2 and is prone to an addressbar spoofing vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to mask the true site URL, allowing for ... oval:org.secpod.oval:def:34964 The host is missing an important security update according to Mozilla advisory, MFSA2016-51. The update is required to fix an use-after-free vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to crash service. oval:org.secpod.oval:def:33470 The host is missing an important security update according to Mozilla advisory, MFSA2016-38. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fails to handle unknown vectors. Successful exploitation allows remote attackers to cause a denia ... oval:org.secpod.oval:def:33467 The host is missing an important security update according to Mozilla advisory, MFSA2016-35. The update is required to fix a heap-based buffer overflow vulnerability. 
A flaw is present in the Mozilla Network Security Services (NSS), which fails to handle crafted ASN.1 data in an X.509 certificate. S ...
oval:org.secpod.oval:def:33469 The host is missing an important security update according to Mozilla advisory, MFSA2016-37. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted graphite smart font. Successful exploitation allows remote attackers to caus ...
oval:org.secpod.oval:def:33463 The host is missing an important security update according to Mozilla advisory, MFSA2016-31. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to handle a crafted NPAPI plugin. Successful exploitation allows remote attackers to execut ...
oval:org.secpod.oval:def:33466 The host is missing an important security update according to Mozilla advisory, MFSA2016-34. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to handle crafted Unicode data in an HTML, XML, or SVG document. Successful exploitation ...
oval:org.secpod.oval:def:33460 The host is missing an important security update according to Mozilla advisory, MFSA2016-28. The update is required to fix an unspecified vulnerability. A flaw is present in the applications, which fail to handle a crafted NPAPI plugin. Successful exploitation allows remote attackers to spoof the a ...
oval:org.secpod.oval:def:33457 The host is missing an important security update according to Mozilla advisory, MFSA2016-25. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle WebRTC data-channel connections. Successful exploitation allows remote attackers to ...
oval:org.secpod.oval:def:33456 The host is missing an important security update according to Mozilla advisory, MFSA2016-24.
The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle a root element, aka ZDI-CAN-3574. Successful exploitation allows remote attackers t ...
oval:org.secpod.oval:def:33459 The host is missing an important security update according to Mozilla advisory, MFSA2016-27. The update is required to fix a use-after-free vulnerability. A flaw is present in the applications, which fail to handle XML transformations. Successful exploitation allows remote attackers to execute arb ...
oval:org.secpod.oval:def:33453 The host is missing an important security update according to Mozilla advisory, MFSA2016-21. The update is required to fix an unspecified vulnerability. A flaw is present in the applications, which fail to handle a javascript: URL. Successful exploitation allows remote attackers to spoof the addres ...
oval:org.secpod.oval:def:33452 The host is missing an important security update according to Mozilla advisory, MFSA2016-20. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to handle an MPEG-4 file that triggers a delete operation on an array. Successful exploitatio ...
oval:org.secpod.oval:def:33455 The host is missing an important security update according to Mozilla advisory, MFSA2016-23. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to handle end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545. Successf ...
oval:org.secpod.oval:def:33450 The host is missing an important security update according to Mozilla advisory, MFSA2016-17. The update is required to fix a denial of service vulnerability. A flaw is present in the applications, which fail to prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report. ...
oval:org.secpod.oval:def:33449 The host is missing an important security update according to Mozilla advisory, MFSA2016-16. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to cause a denial ...
oval:org.secpod.oval:def:33446 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability. A flaw is present in the browser engine in Mozilla Firefox, which fails to handle unknown vectors. Successful exploitati ...
oval:org.secpod.oval:def:33447 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the Mozilla Network Security Services (NSS), which fails to handle crafted ASN.1 data in an X. ...
oval:org.secpod.oval:def:33442 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a memory leak vulnerability. A flaw is present in the libstagefright in Mozilla Firefox, which fails to handle an MPEG-4 file that triggers a delete operation ...
oval:org.secpod.oval:def:33441 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.7 and is prone to a spoofing vulnerability. A flaw is present in the browser/base/content/browser.js in Mozilla Firefox, which fails to handle a javascript: URL. Successful exploitation allows remote attackers to sp ...
oval:org.secpod.oval:def:33444 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a denial of service vulnerability.
A flaw is present in the nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox, which fails ...
oval:org.secpod.oval:def:33439 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to an integer underflow vulnerability. A flaw is present in the nsHtml5TreeBuilder class in Mozilla Firefox, which fails to handle end tags, as demonstrated by in ...
oval:org.secpod.oval:def:33438 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a use-after-free vulnerability. A flaw is present in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp, which fails to handle a root element ...
oval:org.secpod.oval:def:33435 The host is installed with Mozilla Firefox before 45.0, Firefox ESR 38.x before 38.7 or Mozilla Thunderbird 38.x before 38.7 and is prone to a use-after-free vulnerability. A flaw is present in the AtomicBaseIncDec function in Mozilla Firefox, which fails to handle XML transformations. Successful e ...
oval:org.secpod.oval:def:33434 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.7 and is prone to a spoofing vulnerability. A flaw is present in the applications, which fail to handle a navigation sequence that returns to the original page. Successful exploitation allows remote attackers to spoof the ...
oval:org.secpod.oval:def:33437 The host is installed with Mozilla Firefox before 45.0 or Firefox ESR 38.x before 38.7 and is prone to a use-after-free vulnerability. A flaw is present in the mozilla::DataChannelConnection::Close function in Mozilla Firefox, which fails to handle WebRTC data-channel connections. Successful exploi ...
oval:org.secpod.oval:def:41100 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- Mozilla developers and community members Tyson Smith, Mats Palmgren, Philipp, Masayuki Nakano, Christian Holler, Andrew McCreight, Gary Kwong, Andre Bargull, Carsten Book, Jesse Schwartzentruber, Julian Hector, Marcia ...
oval:org.secpod.oval:def:39470 The host is missing a critical security update according to Mozilla advisory, MFSA2017-08. The update is required to fix an integer overflow vulnerability. A flaw is present in createImageBitmap API, which fails to handle an unknown vector. Successful exploitation allows remote attackers to cause integ ...
oval:org.secpod.oval:def:39469 Mozilla Firefox or Firefox ESR before 52.0.1 :- An integer overflow in createImageBitmap() was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the createImageBitmap API. This function runs in the content sandbox, requiring a second vulnera ...
oval:org.secpod.oval:def:38569 The host is installed with Mozilla Firefox from 48.0 before 50.1 or Firefox ESR from 45.3 before 45.6 and is prone to an unspecified vulnerability. A flaw is present in the applications, which fail to properly validate the origin of events. Successful exploitation allows content from other origins t ...
oval:org.secpod.oval:def:41702 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:41701 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:41700 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- An error in the WindowsDllDetourPatcher where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections.
oval:org.secpod.oval:def:41706 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash.
oval:org.secpod.oval:def:41705 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- On pages containing an iframe, the data: protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content.
oval:org.secpod.oval:def:41704 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure.
oval:org.secpod.oval:def:41703 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:41709 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur while re-computing layout for a marquee element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:41708 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash.
oval:org.secpod.oval:def:41707 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:41713 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory.
oval:org.secpod.oval:def:41712 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- The destructor function for the WindowsDllDetourPatcher class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used ...
oval:org.secpod.oval:def:41711 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- When a page's content security policy (CSP) header contains a sandbox directive, other directives are ignored. This results in the incorrect enforcement of CSP.
oval:org.secpod.oval:def:41710 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur ...
oval:org.secpod.oval:def:41714 Mozilla Firefox before 55.0 or Firefox ESR before 52.3 :- The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor ...
oval:org.secpod.oval:def:38830 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory.
oval:org.secpod.oval:def:38824 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- Use-after-free while manipulating XSL in XSLT documents
oval:org.secpod.oval:def:38825 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's ...
oval:org.secpod.oval:def:38826 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- A potential use-after-free found through fuzzing during DOM manipulation of SVG content.
oval:org.secpod.oval:def:38827 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar.
oval:org.secpod.oval:def:38828 Mozilla Firefox before 51.0 or Mozilla Firefox ESR before 45.7 :- WebExtension scripts can use the data: protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions.
oval:org.secpod.oval:def:38829 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation.
oval:org.secpod.oval:def:38822 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- Mozilla developers and community members reported memory safety bugs present in Firefox and Firefox ESR. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that ...
oval:org.secpod.oval:def:38823 Mozilla Firefox before 51.0, Firefox ESR before 45.7 or Thunderbird before 45.x before 45.7 :- JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.
oval:org.secpod.oval:def:42267 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentia ...
oval:org.secpod.oval:def:40055 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- Mozilla developers and community members Christian Holler, Jon Coppeard, Marcia Knous, David Baron, Mats Palmgren, Ronald Crane, Bob Clary, and Chris Peterson reported memory safety bugs present in F ...
oval:org.secpod.oval:def:40058 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40059 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as ...
oval:org.secpod.oval:def:40056 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash.
oval:org.secpod.oval:def:40057 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash.
oval:org.secpod.oval:def:40061 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40062 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40060 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- Three vulnerabilities were reported in the Libevent library that allow for out-of-bounds reads and denial of service (DoS) attacks: CVE-2016-10195, CVE-2016-10196, and CVE-2016-10197. These were fixe ...
oval:org.secpod.oval:def:40065 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during changes in style when manipulating DOM elements.
This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40066 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives.
oval:org.secpod.oval:def:40063 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. ...
oval:org.secpod.oval:def:40064 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40069 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A vulnerability while parsing application/http-index-format format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays ...
oval:org.secpod.oval:def:40067 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A buffer overflow vulnerability while parsing application/http-index-format format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memor ...
oval:org.secpod.oval:def:40068 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex.
oval:org.secpod.oval:def:40072 Mozilla Firefox before 53.0, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write in ClearKeyDecryptor while decrypting some Clearkey-encrypted media content.
The ClearKeyDecryptor code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sa ...
oval:org.secpod.oval:def:40073 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash.
oval:org.secpod.oval:def:40070 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds read when an HTTP/2 connection to a server sends DATA frames with incorrect data content. This leads to a potentially exploitable crash.
oval:org.secpod.oval:def:40071 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory.
oval:org.secpod.oval:def:40076 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over.
oval:org.secpod.oval:def:40077 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash.
oval:org.secpod.oval:def:40074 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40075 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds write during Base64 decoding operation in the Network Security Services (NSS) library due to insufficient memory being allocated to the buffer. This results in a potentially exploita ...
oval:org.secpod.oval:def:40078 Mozilla Firefox before 53.0, Thunderbird before 52.1, Firefox ESR before 45.9 or 52.x before 52.1 :- An out-of-bounds read while processing SVG content in ConvolvePixel. This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then ...
oval:org.secpod.oval:def:40079 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- Mozilla developers and community members Christian Holler, Jon Coppeard, Milan Sreckovic, Tyson Smith, Ronald Crane, Randell Jesup, Philipp, Tooru Fujisawa, and Kan-Ru Chen reported memory safety bugs present in ...
oval:org.secpod.oval:def:40080 Mozilla Firefox before 53.0, Thunderbird before 52.1 and Firefox ESR before 45.9 or 52.x before 52.1 :- A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a po ...
oval:org.secpod.oval:def:40083 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read ...
oval:org.secpod.oval:def:42262 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- Mozilla developers and community members Christoph Diehl, Jan de Mooij, Jason Kratzer, Randell Jesup, Tom Ritter, Tyson Smith, and Sebastian Hengst reported memory safety bugs present in Firefox and Firefox ESR.
Some of thes ...
oval:org.secpod.oval:def:40084 Mozilla Firefox before 53.0 and Firefox ESR 52.x before 52.1 :- The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process.
oval:org.secpod.oval:def:42261 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current b ...
oval:org.secpod.oval:def:40081 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations.
oval:org.secpod.oval:def:42260 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash.
oval:org.secpod.oval:def:40082 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A mechanism to spoof the addressbar through the user interaction on the addressbar and the onblur event. The event could be used by script to affect text display to make the loaded site appear to be different fro ...
oval:org.secpod.oval:def:40087 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region.
oval:org.secpod.oval:def:42266 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- The content security policy (CSP) sandbox directive did not create a unique origin for the document, causing it to behave as if the allow-same-origin keyword were always specified. This could allow a Cross-Site Scripting (XS ...
oval:org.secpod.oval:def:42265 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40085 Mozilla Firefox before 53.0 and Firefox ESR 52.x before 52.1 :- A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system.
oval:org.secpod.oval:def:42264 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:40086 Mozilla Firefox before 53.0, Thunderbird before 52.1 or Firefox ESR 52.x before 52.1 :- If a page is loaded from an original site through a hyperlink and contains a redirect to a data:text/html URL, triggering a reload will run the reloaded data:text/html page with its origin set incorrectly. This a ...
oval:org.secpod.oval:def:42263 Mozilla Firefox before 56.0, Firefox ESR before 52.4 or Thunderbird 52.4 :- File downloads encoded with blob: and data: URL elements bypassed normal file download checks through the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious s ...
oval:org.secpod.oval:def:39135 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.
oval:org.secpod.oval:def:39136 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitable.
oval:org.secpod.oval:def:41698 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.
oval:org.secpod.oval:def:39137 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- A use-after-free can occur when events are fired for a FontFace object after the object has already been destroyed while working with fonts. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:39138 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash.
oval:org.secpod.oval:def:39139 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read ...
oval:org.secpod.oval:def:41699 Mozilla Firefox before 55.0, Firefox ESR before 52.3 or Thunderbird 52.3 :- Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson Smith, Bevis Tseng, Christian Holler, Bryce Van Dyk, Dragana Damjanovic, Kartikaya Gupta, Philipp, Tristan Bourvon, ...
oval:org.secpod.oval:def:39140 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due to errors in how incremental sweeping is managed for memory cleanup.
oval:org.secpod.oval:def:39141 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions.
oval:org.secpod.oval:def:39142 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations.
oval:org.secpod.oval:def:39143 Mozilla Firefox before 52.0, Firefox ESR before 45.8 or Thunderbird before 45.8 :- Mozilla developers and community members reported memory safety bugs present in Firefox, Firefox ESR and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effo ...
oval:org.secpod.oval:def:39144 Mozilla Firefox before 52.0 or Firefox ESR before 45.8 :- The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access.
oval:org.secpod.oval:def:42783 Mozilla Firefox before 57.0 or Firefox ESR before 52.5 :- Mozilla developers and community members Christian Holler, David Keeler, Jon Coppeard, Julien Cristau, Jan de Mooij, Jason Kratzer, Philipp, Nicholas Nethercote, Oriol Brufau, Andre Bargull, Bob Clary, Jet Villegas, Randell Jesup, Tyson Smith ... oval:org.secpod.oval:def:42782 Mozilla Firefox before 57.0, Firefox ESR before 52.5 or Apple iCloud 7.3:- The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. oval:org.secpod.oval:def:42781 Mozilla Firefox before 57.0 or Firefox ESR before 52.5 :- A use-after-free vulnerability can occur when flushing and resizing layout because the PresShell object has been freed while still in use. This results in a potentially exploitable crash during these operations. oval:org.secpod.oval:def:38439 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to determine whether an atom is used by another compartment/zone in specific contexts. ... oval:org.secpod.oval:def:38435 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle manipulation of DOM subtrees in the Editor. Successful exploitation allows ... oval:org.secpod.oval:def:38436 The host is installed with Mozilla Firefox before 50.1, Firefox ESR before 45.6 or Thunderbird before 45.6 and is prone to a use-after-free vulnerability. A flaw is present in the applications, which fail to properly handle manipulation of DOM events and removing audio elements. Successful exploita ... 
oval:org.secpod.oval:def:38437 The host is installed with Mozilla Firefox before 50.1 or Firefox ESR before 45.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to properly handle external resources that should be blocked when loaded by SVG images. Successful exploitation could a ... oval:org.secpod.oval:def:38438 The host is installed with Mozilla Firefox before 50.1 or Firefox ESR before 45.6 and is prone to a security bypass vulnerability. A flaw is present in the applications, which fail to sanitize HTML tags received from the Pocket server and any JavaScript code executed will be run in the about:pocket- ... oval:org.secpod.oval:def:41080 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable c ... oval:org.secpod.oval:def:41081 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41084 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require sp ... oval:org.secpod.oval:def:41085 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- An out-of-bounds read in WebGL with a maliciously crafted ImageInfo object during WebGL operations. 
oval:org.secpod.oval:def:41082 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability during video control operations when a 'track' element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41083 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. oval:org.secpod.oval:def:41088 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. oval:org.secpod.oval:def:41089 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1. ... oval:org.secpod.oval:def:41086 Mozilla Firefox before 54.0 or Firefox ESR before 52.2 :- The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. oval:org.secpod.oval:def:41087 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. oval:org.secpod.oval:def:41091 Mozilla Firefox before 54.0 or Firefox ESR before 52.2 :- The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. 
The location of the original file can be altered by a malicious user by passing a special path to the callback parameter th ... oval:org.secpod.oval:def:41092 Mozilla Firefox before 54.0 or Firefox ESR before 52.2 :- The Mozilla Maintenance Service helper.exe application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the ... oval:org.secpod.oval:def:41090 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. oval:org.secpod.oval:def:41095 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running e ... oval:org.secpod.oval:def:41096 Mozilla Firefox before 54.0 or Firefox ESR before 52.2:- An attack using manipulation of updater.ini contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution and deletion by the Maintenance Service, which ha ... oval:org.secpod.oval:def:41094 Mozilla Firefox before 54.0, Firefox ESR before 52.2 or Thunderbird before 52.2 :- Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing ... 
oval:org.secpod.oval:def:41097 Mozilla Firefox before 54.0 or Firefox ESR before 52.2 :- The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with junk data using the Mozilla Windows Updater, which runs with the Maintenance Service's privileged access. oval:org.secpod.oval:def:41098 Mozilla Firefox before 54.0 or Firefox ESR before 52.2 :- The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla ... oval:org.secpod.oval:def:45956 The host is missing a critical security update according to Mozilla advisory, MFSA2018-14. The update is required to fix heap buffer overflow vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash an application. oval:org.secpod.oval:def:45955 The host is installed with Mozilla Firefox before 60.0.2, Firefox-esr before 52.8.1 or 60.0.x before 60.0.2 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle an SVG file with anti-aliasing turned off. Successful exploitation coul ... oval:org.secpod.oval:def:50454 Mozilla Firefox 65, Mozilla Firefox ESR 60.5 and Mozilla Thunderbird 60.5 : A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash ... oval:org.secpod.oval:def:50455 Mozilla Firefox 64, Mozilla Firefox ESR 60.4 and Mozilla Thunderbird 60.5 : Mozilla developers and community members Alex Gaynor, Christoph Diehl, Steven Crane, Jason Kratzer, Gary Kwong, and Christian Holler reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs ... 
oval:org.secpod.oval:def:50459 Mozilla Firefox 65, Mozilla Firefox ESR 60.5 and Mozilla Thunderbird 60.5 : An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insuffi ... oval:org.secpod.oval:def:47768 Mozilla Firefox 62.0.3, Mozilla Firefox ESR 60.2.2 : A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. oval:org.secpod.oval:def:47769 Mozilla Firefox 62.0.3, Mozilla Firefox ESR 60.2.2 : A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as ... oval:org.secpod.oval:def:47770 The host is missing a critical security update according to Mozilla advisory, MFSA2018-24. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:44694 Mozilla Firefox before 59.0, Firefox ESR before 52.7 or Thunderbird before 52.7 : A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash. oval:org.secpod.oval:def:44695 Mozilla Firefox before 59.0, Firefox ESR before 52.7 or Thunderbird before 52.7 : A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. 
oval:org.secpod.oval:def:44696 Mozilla Firefox before 59.0 or Firefox ESR before 52.7 : When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. oval:org.secpod.oval:def:44697 Mozilla Firefox before 59.0 or Firefox ESR before 52.7 : Under certain circumstances the fetch() API can return transient local copies of resources that were sent with a no-store or no-cache cache header instead of downloading a copy from the network as it should. This can result in previously store ... oval:org.secpod.oval:def:44693 Mozilla Firefox before 59.0, Firefox ESR before 52.7 or Thunderbird before 52.7 : Mozilla developers and community members reported memory safety bugs present in Firefox and Firefox ESR. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these ... oval:org.secpod.oval:def:43589 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 :- A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. oval:org.secpod.oval:def:43588 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- Mozilla developers and community members reported memory safety bugs present in Firefox, Firefox ESR and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort th ... oval:org.secpod.oval:def:43593 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references a ... 
oval:org.secpod.oval:def:43592 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. oval:org.secpod.oval:def:43591 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitab ... oval:org.secpod.oval:def:43590 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially e ... oval:org.secpod.oval:def:43597 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displ ... oval:org.secpod.oval:def:43596 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:43595 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. 
oval:org.secpod.oval:def:43594 Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:54974 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking ... oval:org.secpod.oval:def:54972 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. oval:org.secpod.oval:def:54973 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:48209 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : Mozilla developers and community members Christian Holler, Bob Owen, Boris Zbarsky, Calixte Denizet, Jason Kratzer, Jed Davis, Taegeon Lee, Philipp, Ronald Crane, Raul Gurzau, Gary Kwong, Tyson Smith, Raymond Forbes, and Bogdan Tara reported memory safe ... oval:org.secpod.oval:def:49789 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable cr ... 
oval:org.secpod.oval:def:48214 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission ... oval:org.secpod.oval:def:49788 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. oval:org.secpod.oval:def:48212 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : By rewriting the Host request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. oval:org.secpod.oval:def:49785 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : Mozilla developers and community members Christian Holler, Diego Calleja, Andrew McCreight, Jon Coppeard, Jed Davis, Natalia Csoregi, Nicolas B. Pierron, and Tyson Smith reported memory safety bugs present in Firefox 63 and Fir ... oval:org.secpod.oval:def:48213 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. oval:org.secpod.oval:def:48210 Mozilla Firefox 63, Mozilla Firefox ESR 60.3 : When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. 
oval:org.secpod.oval:def:47371 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : Mozilla developers and community members Alex Gaynor, Boris Zbarsky, Christoph Diehl, Christian Holler, Jason Kratzer, Jed Davis, Tyson Smith, Bogdan Tara, Karl Tomlinson, Mats Palmgren, Nika Layzell, Ted Campbell, and Andrei ... oval:org.secpod.oval:def:47373 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. oval:org.secpod.oval:def:49790 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A same-origin policy violation allowing the theft of cross-origin URL entries when using the JavaScript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy viola ... oval:org.secpod.oval:def:47372 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. oval:org.secpod.oval:def:47374 Mozilla Firefox 62, Mozilla Firefox ESR 60.2, Mozilla Thunderbird 60.2.1 : When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manuall ... oval:org.secpod.oval:def:49794 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This can lead to an out-of-bounds write. 
oval:org.secpod.oval:def:46114 Mozilla Firefox 61, Mozilla Firefox ESR 60.1, Mozilla Thunderbird 60.0: An integer overflow can occur in the SwizzleData while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable cr ... oval:org.secpod.oval:def:46113 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. oval:org.secpod.oval:def:46116 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing ... oval:org.secpod.oval:def:46115 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:46112 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A buffer overflow can occur when rendering canvas content while adjusting the height and width of the 'canvas' element dynamically, causing data to be written outside of the currently computed boundaries. This results i ... oval:org.secpod.oval:def:46118 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. 
oval:org.secpod.oval:def:46117 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross ... oval:org.secpod.oval:def:46119 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. oval:org.secpod.oval:def:46125 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable cra ... oval:org.secpod.oval:def:46124 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 60.1 : An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable ... oval:org.secpod.oval:def:46127 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 60.1: Mozilla developers and community members Christian Holler, Sebastian Hengst, Nils Ohlmeier, Jon Coppeard, Randell Jesup, Ted Campbell, Gary Kwong, and Jean-Yves Avenard reported memory safety bugs present in Firefox 60 and Firef ... oval:org.secpod.oval:def:46121 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, u ... 
oval:org.secpod.oval:def:46120 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 60.1: In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work, PerformanceNavigationTiming was not adjusted but it w ... oval:org.secpod.oval:def:46122 Mozilla Firefox 61, Mozilla Firefox ESR 60.1: WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. oval:org.secpod.oval:def:46128 Mozilla Firefox 61, Mozilla Thunderbird 60.0, Mozilla Firefox ESR 52.9 and 60.1: Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David Major, Jon Coppeard, Nicolas B. Pierron, Jason Kratzer, Marcia Knous, and Ronald Crane reported memory safety ... oval:org.secpod.oval:def:45487 Mozilla Firefox before 60.0 or Firefox ESR before 52.8 : Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party ... oval:org.secpod.oval:def:45488 Mozilla Firefox before 60.0 or Firefox ESR before 52.8 : The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. oval:org.secpod.oval:def:53041 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : Mozilla developers and community members Bob Clary, Chun-Min Chang, Aral Yaman, Andreea Pavel, Jonathan Kew, Gary Kwong, Alex Gaynor, Masayuki Nakano, and Anne van Kesteren reported memory safety bugs present in Firefox 65 and Firefox ESR 60.5. Some of ... 
oval:org.secpod.oval:def:53044 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacem ... oval:org.secpod.oval:def:53043 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. oval:org.secpod.oval:def:53046 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which ... oval:org.secpod.oval:def:53045 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exp ... oval:org.secpod.oval:def:53052 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as ... oval:org.secpod.oval:def:53048 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. 
oval:org.secpod.oval:def:53047 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line ... oval:org.secpod.oval:def:53049 Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller ... oval:org.secpod.oval:def:53070 Mozilla Firefox 66.0.1, Mozilla Firefox ESR 60.6.1 : Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. oval:org.secpod.oval:def:53069 Mozilla Firefox 66.0.1, Mozilla Firefox ESR 60.6.1 : Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. oval:org.secpod.oval:def:44766 Mozilla Firefox before 59.0.1 or Firefox ESR before 52.7.2 : An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. oval:org.secpod.oval:def:44767 The host is missing a critical security update according to Mozilla advisory, MFSA2018-08. The update is required to fix out-of-bound memory write vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the se ... oval:org.secpod.oval:def:44774 Mozilla Firefox before 59.0.2 or Firefox ESR before 52.7.3 : A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. 
oval:org.secpod.oval:def:44775 The host is missing an important security update according to Mozilla advisory, MFSA2018-10. The update is required to fix use-after-free vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:62292 Mozilla Firefox 74.0.1, Mozilla Firefox ESR 68.6.1 and Mozilla Thunderbird 68.7.0 : Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:62291 Mozilla Firefox 74.0.1, Mozilla Firefox ESR 68.6.1 and Mozilla Thunderbird 68.7.0 : Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:62290 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-11. The update is required to fix use-after-free vulnerabilities. The flaws are present in the application, which fails to handle ReadableStream or running the nsDocShell destructor. Successful exploitati ... oval:org.secpod.oval:def:55532 The host is missing a critical security update according to Mozilla advisory, MFSA2019-18. The update is required to fix a type confusion vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the application. oval:org.secpod.oval:def:62409 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7.0 : When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, le ... 
oval:org.secpod.oval:def:62413 Mozilla Firefox 75, Mozilla Firefox ESR 68.7 and Mozilla Thunderbird 68.7.0 : Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that ... oval:org.secpod.oval:def:55533 A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. oval:org.secpod.oval:def:54978 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run ... oval:org.secpod.oval:def:54990 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A vulnerability where a JavaScript compartment mismatch can occur while working with the <code>fetch</code> API, resulting in a potentially exploitable crash. oval:org.secpod.oval:def:54991 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. oval:org.secpod.oval:def:54985 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: Mozilla developers and community members Olli Pettay, Bogdan Tara, Jan de Mooij, Jason Kratzer, Jan Varga, Gary Kwong, Tim Guan-tin Chien, Tyson Smith, Ronald Crane, and Ted Campbell reported memory safety bugs present in Fir ... oval:org.secpod.oval:def:54989 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A race condition is present in the crash generation server used to generate data for the crash reporter. 
This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox ... oval:org.secpod.oval:def:54987 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. oval:org.secpod.oval:def:54988 Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. oval:org.secpod.oval:def:73106 Mozilla Firefox 89, Mozilla Firefox ESR 78.11, Mozilla Thunderbird 78.11: Mozilla developers Christian Holler, Anny Gakhokidze, Alexandru Michis, Gabriele Svelto reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we pr ... oval:org.secpod.oval:def:73104 Mozilla Firefox 89, Mozilla Firefox ESR 78.11, Mozilla Thunderbird 78.11: A locally-installed hostile program could send WM_COPYDATA messages that Firefox would process incorrectly, leading to an out-of-bounds read. oval:org.secpod.oval:def:67832 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: When <code>flex-basis</code> was used on a table wrapper, a <code>StyleGenericFlexBasis</code> object could have been incorrectly cast to the wrong type. This resulted in a heap use-after-free, memory corruption, and a potentia ... oval:org.secpod.oval:def:67831 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass.
oval:org.secpod.oval:def:67834 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. oval:org.secpod.oval:def:67836 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: When an extension with the proxy permission registered to receive <code><all_urls></code>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View ... oval:org.secpod.oval:def:67838 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Mozilla developer Christian Holler reported memory safety bugs present in Firefox 83 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have b ... oval:org.secpod.oval:def:67837 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as ... oval:org.secpod.oval:def:67829 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. oval:org.secpod.oval:def:67828 Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read. 
oval:org.secpod.oval:def:74354 Mozilla Firefox 91, Mozilla Firefox ESR 78.13 and Mozilla Thunderbird 78.13 : Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. oval:org.secpod.oval:def:74355 Mozilla Firefox 91, Mozilla Firefox ESR 78.13 and Mozilla Thunderbird 78.13: Mozilla developers Christoph Kerschbaumer, Olli Pettay, Sandor Molnar, and Simon Giesecke reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and w ... oval:org.secpod.oval:def:74349 Mozilla Firefox 91, Mozilla Firefox ESR 78.13 and Mozilla Thunderbird 78.13 : Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:74352 Mozilla Firefox 91, Mozilla Firefox ESR 78.13 and Mozilla Thunderbird 78.13 : Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:74353 Mozilla Firefox 91, Mozilla Firefox ESR 78.13 and Mozilla Thunderbird 78.13 : A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:74782 Mozilla Firefox 92, Mozilla Firefox ESR 78.14, Mozilla Firefox ESR 91.1, Mozilla Thunderbird 78.14, Mozilla Thunderbird 91.1: When delegating navigations to the operating system, Thunderbird would accept the mk scheme which might allow attackers to launch pages and execute scripts in Internet Explor ...
oval:org.secpod.oval:def:74783 Mozilla Firefox 92, Mozilla Firefox ESR 78.14, Mozilla Firefox ESR 91.1, Mozilla Thunderbird 78.14, Mozilla Thunderbird 91.1: Mozilla developers Gabriele Svelto and Tyson Smith reported memory safety bugs present in Firefox 91 and Firefox ESR 78.14. Some of these bugs showed evidence of memory corru ... oval:org.secpod.oval:def:70472 Mozilla Firefox 87, Mozilla Firefox ESR 78.9 and Mozilla Thunderbird 78.9: Mozilla developers and community members Matthew Gregan, Tyson Smith, Julien Wajsberg, and Alexis Beingessner reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memor ... oval:org.secpod.oval:def:70469 Mozilla Firefox 87, Mozilla Firefox ESR 78.9 and Mozilla Thunderbird 78.9: A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a we ... oval:org.secpod.oval:def:70466 Mozilla Firefox 87, Mozilla Firefox ESR 78.9 and Mozilla Thunderbird 78.9: A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. oval:org.secpod.oval:def:70467 Mozilla Firefox 87, Mozilla Firefox ESR 78.9 and Mozilla Thunderbird 78.9: Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. oval:org.secpod.oval:def:77249 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of ... 
oval:org.secpod.oval:def:77247 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. oval:org.secpod.oval:def:77239 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free causing a potentially exploitable crash. oval:org.secpod.oval:def:77238 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. oval:org.secpod.oval:def:77237 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Applying a CSS filter effect could have accessed out of bounds memory. This could have led to a heap-buffer-overflow causing a potentially exploitable crash. oval:org.secpod.oval:def:77236 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Constructing audio sinks could have led to a race condition when playing audio files and closing windows. This could have led to a use-after-free causing a potentially exploitable crash. oval:org.secpod.oval:def:77246 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. oval:org.secpod.oval:def:77245 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: A race condition could have allowed bypassing the fullscreen notification which could have led to a fullscreen window spoof being unnoticed.
oval:org.secpod.oval:def:77244 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. oval:org.secpod.oval:def:77243 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have led to command injection if pasted into a PowerShell prompt. oval:org.secpod.oval:def:77242 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. oval:org.secpod.oval:def:77241 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: When inserting text while in edit mode, some characters might have led to out-of-bounds memory access causing a potentially exploitable crash. oval:org.secpod.oval:def:77240 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. oval:org.secpod.oval:def:77234 Mozilla Firefox 96, Mozilla Firefox ESR 91.5 and Mozilla Thunderbird 91.5: It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. oval:org.secpod.oval:def:86239 Mozilla Firefox ESR 102.6, Mozilla Thunderbird 102.6 and Mozilla Firefox 107.0 : A use-after-free in WebGL extensions could have led to a potentially exploitable crash. oval:org.secpod.oval:def:86238 Mozilla Firefox ESR 102.6, Mozilla Thunderbird 102.6 and Mozilla Firefox 106.0 : An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.
oval:org.secpod.oval:def:86235 Mozilla Firefox 108, Mozilla Firefox ESR 102.6, Mozilla Thunderbird 102.6 : Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and ... oval:org.secpod.oval:def:86233 Mozilla Firefox 108, Mozilla Firefox ESR 102.6, Mozilla Thunderbird 102.6.1: A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could have potentially led to user confusion and the execution of malicious c ... oval:org.secpod.oval:def:78012 The host is missing a critical severity security update according to the Mozilla advisory MFSA2022-09 and is prone to use-after-free vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause un ... oval:org.secpod.oval:def:78013 Mozilla Firefox 97.0.2, Mozilla Firefox ESR 91.6.1 or Mozilla Thunderbird 91.6.2: Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. oval:org.secpod.oval:def:78014 Mozilla Firefox 97.0.2, Mozilla Firefox ESR 91.6.1 or Mozilla Thunderbird 91.6.2: An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. oval:org.secpod.oval:def:84313 Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash.
oval:org.secpod.oval:def:84314 Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : Mozilla developers Nika Layzell, Timothy Nikkel, Jeff Muizelaar, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bug ... oval:org.secpod.oval:def:84310 Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. oval:org.secpod.oval:def:84311 Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other att ... oval:org.secpod.oval:def:84312 Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. oval:org.secpod.oval:def:93427 Mozilla Firefox 118, Mozilla Firefox ESR 115.3 : If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. oval:org.secpod.oval:def:93429 Mozilla Firefox 118, Mozilla Firefox ESR 115.3 : Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
oval:org.secpod.oval:def:93424 Mozilla Firefox 118, Mozilla Firefox ESR 115.3 : During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. oval:org.secpod.oval:def:93421 Mozilla Firefox 118, Mozilla Firefox ESR 115.3 : A compromised content process could have provided malicious data to <code>FilterNodeD2D1</code> resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. oval:org.secpod.oval:def:93422 Mozilla Firefox 118, Mozilla Firefox ESR 115.3 : A compromised content process could have provided malicious data in a <code>PathRecording</code> resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. oval:org.secpod.oval:def:89114 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. oval:org.secpod.oval:def:89111 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious co ... oval:org.secpod.oval:def:89109 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially trickin ...
oval:org.secpod.oval:def:89105 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:89106 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. oval:org.secpod.oval:def:89103 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature chec ... oval:org.secpod.oval:def:89104 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</code> assignments, and <code>setInterval</code> calls. This could have led to user c ... oval:org.secpod.oval:def:89101 The host is missing a high severity security update according to the Mozilla advisory MFSA2023-14 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:89118 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : Mozilla developers Randell Jesup, Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence ...
oval:org.secpod.oval:def:89116 Mozilla Firefox 112, Mozilla Firefox ESR 102.10, Mozilla Thunderbird 102.10 : A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. oval:org.secpod.oval:def:90301 The host is missing a high severity security update according to the Mozilla advisory MFSA2023-19 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to cause multiple impac ... oval:org.secpod.oval:def:90302 Mozilla Firefox 114, Mozilla Firefox ESR 102.12 and Mozilla Thunderbird 102.12.0 : The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page ... oval:org.secpod.oval:def:90304 Mozilla Firefox 114, Mozilla Firefox ESR 102.12 and Mozilla Thunderbird 102.12.0 : Mozilla developers and community members Gabriele Svelto, Andrew McCreight, the Mozilla Fuzzing Team, Sean Feng, and Sebastian Hengst reported memory safety bugs present in Firefox 113 and Firefox ESR 102.11. Some of ... oval:org.secpod.oval:def:93027 The host is installed with Google Chrome before 117.0.5938.62, Microsoft Edge before 117.0.2045.31, Mozilla Firefox before 117.0.1, Mozilla Firefox ESR 102.15.1 or 115.0 before 115.2.1, Mozilla Thunderbird 102.15.1 or 115.0 before 115.2.1, Opera Browser before 102.0.4880.51, Brave Browser before 1.5 ... oval:org.secpod.oval:def:93025 The host is missing a critical severity security update according to the Mozilla advisory MFSA2023-40 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could lead to a heap buffer ov ... 
oval:org.secpod.oval:def:95994 Mozilla Firefox 121, Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6 : Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to r ... oval:org.secpod.oval:def:95993 Mozilla Firefox 121, Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6 : The "ShutdownObserver()" was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. oval:org.secpod.oval:def:95991 Mozilla Firefox 121, Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6 : The "nsWindow::PickerOpen(void)" method was susceptible to a heap buffer overflow when running in headless mode. oval:org.secpod.oval:def:95997 Mozilla Firefox 121, Mozilla Firefox ESR 115.6 : The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant but ... oval:org.secpod.oval:def:95995 Mozilla Firefox 121, Mozilla Firefox ESR 115.6 : "EncryptingOutputStream" was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. oval:org.secpod.oval:def:95989 Mozilla Firefox 121, Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6 : A use-after-free condition affected TLS socket creation when under memory pressure. oval:org.secpod.oval:def:95988 Mozilla Firefox 121, Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6 : Firefox was susceptible to a heap buffer overflow in "nsTextFragment" due to insufficient OOM handling. 
oval:org.secpod.oval:def:95987 Mozilla Firefox 121, Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6 : The WebGL "DrawElementsInstanced" method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. oval:org.secpod.oval:def:95990 Mozilla Firefox 121, Mozilla Firefox ESR 115.6, Mozilla Thunderbird 115.6 : The "VideoBridge" allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. oval:org.secpod.oval:def:98151 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. oval:org.secpod.oval:def:98152 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). oval:org.secpod.oval:def:98153 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. oval:org.secpod.oval:def:98154 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. 
oval:org.secpod.oval:def:98155 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently grantin ... oval:org.secpod.oval:def:98156 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cooki ... oval:org.secpod.oval:def:98157 Mozilla Firefox 123, Mozilla Firefox ESR 115.8, Mozilla Thunderbird 115.8 : Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to r ... oval:org.secpod.oval:def:16083 The host is installed with Google Chrome before 31.0.1650.48, Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, SeaMonkey before 2.23, Java SE 5.0 through 5.0u61, 6.0 through 6u71, 7.0 through 7u51, 8.0, Windows vista, server 2008, server 2008 R2, win 7, win server ... oval:org.secpod.oval:def:54971 The host is missing a critical security update according to Mozilla advisory, MFSA2019-14. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:54983 Mozilla Firefox 67, Mozilla Firefox ESR 60.7, Mozilla Thunderbird 60.7, Java 7u221, 8u212, 11.0.3 and 12.0.2: A use-after-free vulnerability was discovered in the <code>png_image_free</code> function in the libpng library. 
This could lead to denial of service or a potentially exploitable crash when ... oval:org.secpod.oval:def:45513 The host is missing a critical security update according to Mozilla advisory, MFSA2018-12. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code, ... oval:org.secpod.oval:def:45486 Mozilla Firefox before 60.0, Firefox, Thunderbird or ESR before 52.8 : A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. oval:org.secpod.oval:def:45489 Mozilla Firefox before 60.0, Firefox, Thunderbird or ESR before 52.8 : An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable b ... oval:org.secpod.oval:def:45485 Mozilla Firefox before 60.0, Firefox, Thunderbird or ESR before 52.8 : Mozilla developers and community members Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, and Jason Kratzer reported memory safety bugs present in Firefox and Firefox ESR. Som ... oval:org.secpod.oval:def:45490 Mozilla Firefox before 60.0, Firefox, Thunderbird or ESR before 52.8 : Sites can bypass security checks on permissions to install lightweight themes by manipulating the baseURI property of the theme element. This could allow a malicious site to install a theme without user interaction which could co ... oval:org.secpod.oval:def:45491 Mozilla Firefox ESR before 52.8 or Thunderbird before 52.8: A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. 
oval:org.secpod.oval:def:45492 Mozilla Firefox ESR or Thunderbird before 52.8 : A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. oval:org.secpod.oval:def:45493 Mozilla Firefox ESR or Thunderbird before 52.8 : Mozilla developers backported selected changes in the Skia library to the ESR52 branch of Firefox. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. oval:org.secpod.oval:def:59326 The host is missing a critical security update according to Mozilla advisory, MFSA2019-33. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to steal stored passwords. oval:org.secpod.oval:def:59327 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: When storing a value in IndexedDB, the value's prototype chain is followed and it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially e ... oval:org.secpod.oval:def:59330 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. oval:org.secpod.oval:def:59336 Mozilla Firefox 70, Mozilla Firefox ESR 68.2, Mozilla Thunderbird 68.2, Google Chrome, Apple iTunes and iCloud: In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early. A subsequent call to <code>XML_GetCurrentLineNumber</code> or c ...
oval:org.secpod.oval:def:59331 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: By using a form with a data URI it was possible to gain access to the privileged <code>JSONView</code> object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of e ... oval:org.secpod.oval:def:59332 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. oval:org.secpod.oval:def:59333 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web ... oval:org.secpod.oval:def:59334 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: Mozilla developers and community members Bob Clary, Jason Kratzer, Aaron Klotz, Iain Ireland, Tyson Smith, Christian Holler, Steve Fink, Honza Bambas, Byron Campen, and Cristian Brindusan reported memory safety bugs present i ... oval:org.secpod.oval:def:59328 Mozilla Firefox ESR 68.2 : Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arb ... oval:org.secpod.oval:def:59329 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash.
oval:org.secpod.oval:def:55561 Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitra ... oval:org.secpod.oval:def:58068 Mozilla Firefox 68.0.2, Mozilla Firefox ESR 68.0.2: When a master password is set, it is required to be entered before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard through the 'copy password' context menu it ... oval:org.secpod.oval:def:58069 The host is missing a moderate severity security update according to Mozilla advisory, MFSA2019-24. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to stea ... |