The host is missing a security update according to Mozilla advisory, MFSA2015-135. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle crafted javascript variable assignments. Successful exploitation allows remote attackers to execute arbitrary code.
The host is missing a security update according to Mozilla advisory, MFSA2015-136. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted javascript code that leverages history. Successful exploitation allows remote attackers to bypass the same origin policy and obtain sensitive information.
The host is missing a security update according to Mozilla advisory, MFSA2015-137. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle HTTP Cookie headers. Successful exploitation allows remote attackers to obtain sensitive information.
The host is missing a security update according to Mozilla advisory, MFSA2015-138. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fail to handle data channel that has been closed by a WebRTC function. Successful exploitation allows remote attackers to execute arbitrary code.
The host is missing an important security update according to Mozilla advisory, MFSA2015-140. The update is required to fix a same origin policy bypass vulnerability. A flaw is present in the application, which fails to handle the fetch API while attempting to access resource which throws an exception. Successful exploitation allows remote attackers to cause a denial of service or possibly have un ...
The host is missing security update according to Mozilla advisory, MFSA2015-141. The update is required to fix a data mishandling vulnerability. A flaw is present in the application, which fails to handle # (number sign) character in a data: URI. Successful exploitation allows remote attackers to spoof web sites.
The host is missing security update according to Mozilla advisory, MFSA2015-142. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle a single-byte header frame that triggers incorrect memory allocation. Successful exploitation allows remote attackers to cause a denial of service (integer underflow, assertion failure and appli ...
The host is missing an important security update according to Mozilla advisory, MFSA2015-144. The update is required to fix a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted javascript code. Successful exploitation allows remote attackers to cause a denial of service or possibly have unspecified other impact.
The host is missing an important security update according to Mozilla advisory, MFSA2015-147. The update is required to fix an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle MP4 video file with crafted covr metadata that triggers a buffer overflow. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial of ser ...
The host is missing a critical security update according to Mozilla advisory, MFSA2015-148. The update is required to fix a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation allows remote attackers to gain privileges, and possibly obtain sensitive information.