Page 102 of 535 results (0.018 seconds)

CVSS: 5.1EPSS: 18%CPEs: 93EXPL: 0

Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582. Mozilla Firefox en versiones anteriores a v3.0.6 y SeaMonkey no bloquean enlaces a las URIs (1) about:plugins y (2) about:config desde ficheros .desktop, lo que permite a atacantes remotos eludir la Same Origin Policy y ejecutar código de su elección con privilegios chrome mediante vectores relacionados con el campo URL en una sección Desktop Entry de un fichero .desktop, en relación con una representación de: URIs como jar:file:// URIs. NOTA: este problema existe debido a una resolución incompleta de CVE-2008-4582. • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html http://rhn.redhat.com/errata/RHSA-2009-0256.html http://secunia.com/advisories/33799 http://secunia.com/advisories/33809 http://secunia.com/advisories/33831 http://secunia.com/advisories/33841 http://secunia.com/advisories/33846 http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm http://www.mandriva.com/security/advisories?name=MDVSA-2009:044 http://www.mozilla.org/security/announce/2009/mfsa2009- • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 10.0EPSS: 48%CPEs: 70EXPL: 0

Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine. Vulnerabilidad sin especificar en Mozilla Firefox v3.x anterior a v3.0.6, Thunderbird anterior a v2.0.0.21, y SeaMonkey anterior a v1.1.15 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de aplicación)o posiblemente ejecutar código de su elección a través de vectores relacionados con el motor JavaScript. • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html http://rhn.redhat.com/errata/RHSA-2009-0256.html http://secunia.com/advisories/33799 http://secunia.com/advisories/33802 http://secunia.com/advisories/33808 http://secunia.com/advisories/33809 http://secunia.com/advisories/33816 http://secunia.com/advisories/33831 http://secunia.com/advisories/33841 http://secunia.com/advisories/33846 • CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 58EXPL: 0

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." La función Math.random en la implementación de JavaScript en Mozilla Firefox versiones 3.5.x anteriores a 3.5.10 y versiones 3.6.x anteriores a 3.6.4, y SeaMonkey anterior a versión 2.0.5, usa un generador de números aleatorios que es insertado sólo una vez por sesión de navegador, lo que facilita a los atacantes remotos rastrear a un usuario, o engañar a un usuario para que actúe en base a un mensaje emergente falsificado, calculando el valor seed, en relación a una "temporary footprint" y un "in-session phishing attack." • http://arstechnica.com/news.ars/post/20090113-new-method-of-phishmongering-could-fool-experienced-users.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http •

CVSS: 5.0EPSS: 0%CPEs: 144EXPL: 0

Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. Mozilla Firefox 2.x versiones anteriores a v2.0.0.18, Thunderbird 2.x versiones anteriores a v2.0.0.18, y SeaMonkey 1.x versiones anteriores a v1.1.13 no cambia apropiadamente la URI origen cuando procesa un elemento CANVAS y una redirección HTTP, lo cual permite a atacantes remotos evitar las mismas políticas de origen e imágenes aleatorias de acceso que no son directamente accesibles por el atacante. NOTA: esta cuestión se puede utilizar para enumerar software en un cliente mediante redirecciones realizadas con moz-icon. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://scary.beasts.org/security/CESA-2008-009.html http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html http://secunia.com/advisories/32684 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32714 http://secunia.com/advisories/32715 http://secunia.com/advisories/32778 http://secunia.com/advisories/32798 http://secunia.com&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 45%CPEs: 91EXPL: 0

Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address. Mozilla Firefox 2.x antes de 2.0.0.18 y SeaMonkey 1.x antes de 1.1.13 no comprueba correctamente cuando se ha descargado dinámicamente el módulo Flash, lo que permite a atacantes remotos ejecutar código de su elección mediante un archivo SWF manipulado que "se descarga dinámicamente de una función Javascript externa", lo que dispara un acceso a una dirección de memoria que ha expirado. This vulnerability allows remote attackers to execute code on vulnerable installations of Mozilla Firefox with Adobe's Flash Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists due to a failure to check whether the Flash module has been properly dynamically unloaded. If an SWF file dynamically unloads itself via an outside JavaScript function, the browser will return to an address no longer mapped to the Flash module. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://secunia.com/advisories/32684 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32714 http://secunia.com/advisories/32778 http://secunia.com/advisories/32845 http://secunia.com/advisories/32853 http://secunia.com/advisories/33433 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://ubuntu • CWE-399: Resource Management Errors •