[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247621

 
 

909

 
 

194512

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 14840 Download | Alert*

Mozilla Firefox 102, Mozilla Firefox ESR 91.11, Mozilla Thunderbird 91.11 and Mozilla Thunderbird 102.0 : The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of these bugs showed evidence of JavaScript prototype or memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 102 : Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 80 : When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controlled signing key.

Mozilla Firefox 80 : A lock was missing when accessing a data structure and importing certificate information into the trust database.

Mozilla Firefox 80, Mozilla Firefox ESR 78.2 and Mozilla Thunderbird 78.2 : Mozilla developers Jason Kratzer, Christian Holler, Byron Campen, and Tyson Smith reported memory safety bugs present in Firefox 79 and Firefox ESR 78.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 80 : When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed.

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read.

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers.

Mozilla Firefox 84 : The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash.

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass.


Pages:      Start    4    5    6    7    8    9    10    11    12    13    14    15    16    17    ..   1483

© SecPod Technologies