[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 17037 Download | Alert*

The host is installed with Mozilla Thunderbird before 102.3.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle input validation in Matrix Javascript SDK. Successful exploitation allow attackers to perform a denial of service (DoS) attack.

Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash.

Mozilla Thunderbird 102.3 : When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm.

Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : Mozilla developers Nika Layzell, Timothy Nikkel, Jeff Muizelaar, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ha ...

Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash.

Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments.

Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks.

Mozilla Firefox 105.0, Mozilla Firefox ESR 102.3 or Mozilla Thunderbird 102.3 : When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead.

Mozilla Thunderbird 102.2.1 : Thunderbird users who use the Matrix chat protocol were vulnerable to a denial-of-service attack. An adversary sharing a room with a user had the ability to carry out an attack against affected clients, making it not show all of a user's rooms or spaces and/or causing minor temporary corruption.

Mozilla Thunderbird 102.2.1 : When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document.


Pages:      Start    870    871    872    873    874    875    876    877    878    879    880    881    882    883    ..   1703

© SecPod Technologies