[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: Debugger can bypass XrayWrappers with JavaScript - mfsa2014-47 (Mac OS X)

ID: oval:org.secpod.oval:def:17844Date: (C)2014-05-08   (M)2023-11-18
Class: PATCHFamily: macos




Mozilla developer Boris Zbarsky discovered that the debugger will work with some objects while bypassing XrayWrappers. This could lead to privilege escalation if the victim used the debugger to interact with a malicious page.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.13
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Product:
Mozilla SeaMonkey
Mozilla Firefox
Reference:
MFSA 2014-47
CVE-2014-1526
CVE    1
CVE-2014-1526
CPE    383
cpe:/a:mozilla:firefox:14.0
cpe:/a:mozilla:firefox:20.0.1
cpe:/a:mozilla:firefox:3.6.26
cpe:/a:mozilla:firefox:3.6.27
...

© SecPod Technologies