[Forgot Password]
Login  Register Subscribe

23631

 
 

126998

 
 

101924

 
 

909

 
 

80911

 
 

121

 
 
Paid content will be excluded from the download.

Filter
Matches : 11866 Download | Alert*

The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.

The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a heap-buffer-overflow vulnerability. A flaw is present in the applications, which fail to properly process SVG content. Successful exploitation allows remote attackers to crash the service.

The host is installed with Mozilla Firefox before 50.0 or Firefox ESR before 45.5 and is prone to an arbitrary local file write vulnerability. A flaw is present in the applications, which fail to handle Updater's log file in the working directory points to a hardlink. Successful exploitation allows attackers to append data to an arbitrary local file.

The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an unspecified vulnerability. A flaw is present in the applications, which fail to handle a unknown vector. Successful exploitation allows attackers to choose an arbitrary target working directory for output files resulting from the update process.

The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle argument length checking in JavaScript. Successful exploitation allows remote attackers to cause potential integer overflows or other bounds checking issues.

The host is installed with Mozilla Firefox before 50.0 or Firefox ESR before 45.5 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the applications, which fail to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. Successful exploitation allows man-in-the-middle attackers to provide a malicious signed add-on instead of a va ...

The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle large amounts of incoming data. Successful exploitation allows remote attackers to crash the service.

The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to handle local HTML file and saved shortcut file. Successful exploitation allows attackers to load arbitrary local content from disk.

The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a unspecified vulnerability. A flaw is present in the applications, which is due to an existing mitigation of timing side-channel attacks is insufficient in some circumstances. Successful exploitation allows attackers to have unknown impact.

The host is installed with Mozilla Firefox before 50.0, Firefox ESR before 45.5 or Thunderbird 45.x before 45.5 and is prone to a memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows remote attackers to run arbitrary code.


Pages:      Start    1137    1138    1139    1140    1141    1142    1143    1144    1145    1146    1147    1148    1149    1150    ..   1186

© 2013 SecPod Technologies