![]() Multiple unspecified vulnerabilities in the browser engine in Mozillaįirefox before 38.0 allow remote attackers to cause a denial of service Heap-based buffer overflow in the SVGTextFrame class in Mozilla FirefoxĪllows remote attackers to execute arbitrary code via crafted SVG graphicsĭata in conjunction with a crafted Cascading Style Sheets (CSS) token Information by reading web-server Referer logs that contain private data inĪ URL, as demonstrated by a private path component. Middle-click navigation, which allows remote attackers to obtain sensitive Mozilla Firefox before 38.0 does not recognize a referrer policy deliveredīy a referrer META element in cases of context-menu navigation and Information from process memory, via crafted JavaScript. Trigger out-of-bounds read operations and possibly obtain sensitive Out-of-bounds write operations and possibly execute arbitrary code, or The asm.js implementation in Mozilla Firefox before 38.0 does not properlyĭetermine heap lengths during identification of cases in which boundsĬhecking may be safely skipped, which allows remote attackers to trigger ![]() Service (heap memory corruption) via a document containing crafted text inĬonjunction with a Cascading Style Sheets (CSS) token sequence containing Use-after-free vulnerability in the SetBreaks function in Mozilla Firefoxīefore 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7Īllows remote attackers to execute arbitrary code or cause a denial of Permission for reading a log, as demonstrated by the READ_LOGS permissionįor the mixed-content violation log on Android 4.0 and earlier. Sensitive information via a crafted application that has a required URL data to the Android logging system, which allows attackers to obtain Mozilla Firefox before 38.0 on Android does not properly restrict writing Mozilla Firefox before 38.0 allows remote attackers to execute arbitraryĬode or cause a denial of service (use-after-free and heap memoryĬorruption) by leveraging improper Media Decoder Thread creation at the time Race condition in the nsThreadManager::RegisterCurrentThread function in (heap-based buffer overflow and out-of-bounds read) via an MP4 video fileīuffer overflow in the XML parser in Mozilla Firefox before 38.0, FirefoxĮSR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers toĮxecute arbitrary code by providing a large amount of compressed XML data. Remote attackers to execute arbitrary code or cause a denial of service Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows Referencing a different web site that is intended to read this data. Webchannel-response data via a crafted web site containing an IFRAME element The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remoteĪttackers to bypass the Same Origin Policy and obtain sensitive
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |