[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251625

 
 

909

 
 

196370

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 195632 Download | Alert*

Chiaki Ishikawa discovered a stack overflow in SMTP server status handling which could potentially result in the execution of arbitrary code.

The host is missing a high severity security update according to Mozilla advisory, MFSA2020-50. The update is required to fix a stack overflow vulnerability. The flaw is present in the application, which fails to handle incorrect parsing of SMTP server response codes. Successful exploitation can cause unspecified impact.

Mozilla Firefox 83 : Mozilla developers Tyson Smith, Aaron Klotz, David Major and Jason Kratzer reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 83 : When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code.

Mozilla Firefox 83 : Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls.

Mozilla Firefox 83 : Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation.

Mozilla Firefox 83 : Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors.

Mozilla Firefox 82: Mozilla developers Christian Holler, Sebastian Hengst, Bogdan Tara, and Tyson Smith reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 82: When a link to an external protocol was clicked, a prompt was presented that allowed the user to choose what application to open it in. An attacker could induce that prompt to be associated with an origin they didn't control, resulting in a spoofing attack. This was fixed by changing external protocol prompts to be tab-modal while also ensuring they could not be incorrectly ass ...

Mozilla Firefox 82: When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash.


Pages:      Start    8764    8765    8766    8767    8768    8769    8770    8771    8772    8773    8774    8775    8776    8777    ..   19563

© SecPod Technologies