Download
| Alert*
|
oval:org.secpod.oval:def:16333
Mozilla Developer Bobby Holley and Mozilla security researcher moz_bug_r_a4 discovered a mechanism where XBL scopes can be be used to circumvent XrayWrappers from within the Chrome on unprivileged objects. This allows web content to potentially confuse privileged code and weaken invariants and can ... oval:org.secpod.oval:def:16365 The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks ... oval:org.secpod.oval:def:701382 ubufox: Ubuntu Firefox specific configuration defaults and apt support - unity-firefox-extension: Unity Integration for Firefox Details: USN-1924-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox and Unity Firefox Extension. Original advisory This update p ... oval:org.secpod.oval:def:701383 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:15019 Mozilla Developer Bobby Holley and Mozilla security researcher moz_bug_r_a4 discovered a mechanism where XBL scopes can be be used to circumvent XrayWrappers from within the Chrome on unprivileged objects. This allows web content to potentially confuse privileged code and weaken invariants and can l ... oval:org.secpod.oval:def:15051 The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks ... |
