CVE-2008-7293
https://notcve.org/view.php?id=CVE-2008-7293
Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. Mozilla Firefox en versiones anteriores a la versión 4 no restringe apropiadamente las modificaciones a las cookies establecidas en las sesiones HTTPS, lo que facilita a atacantes "man-in-the-middle" sobreescribir o borrar cookies arbitrarias a través de una cabecera Set-Cookie en una respuesta HTTP, relacionado con una fallo en la funcionalidad HTTP Strict Transport Security (HSTS) includeSubDomains. También conocido como un problema "cookie forcing". • http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies http://hacks.mozilla.org/2010/08/firefox-4-http-strict-transport-security-force-https http://michael-coates.blogspot.com/2010/01/cookie-forcing-trust-your-cookies-no.html http://scarybeastsecurity.blogspot.com/2008/11/cookie-forcing.html http://scarybeastsecurity.blogspot.com/2011/02/some-less-obvious-benefits-of-hsts.html https://bugzilla.mozilla.org/show_bug.cgi?id=660053 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-2605 – Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)
https://notcve.org/view.php?id=CVE-2011-2605
CRLF injection vulnerability in the nsCookieService::SetCookieStringInternal function in netwerk/cookie/nsCookieService.cpp in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allows remote attackers to bypass intended access restrictions via a string containing a \n (newline) character, which is not properly handled in a JavaScript "document.cookie =" expression, a different vulnerability than CVE-2011-2374. Inyección CRLF en la función nsCookieService::SetCookieStringInternal en netwerk/cookie/nsCookieService.cpp de Mozilla Firefox antes de v3.6.18 y v4.x hasta 4.0.1 y Thunderbird antes de v3.1.11, permite a atacantes remotos evitar las restricciones de acceso a través de una cadena que contiene un carácter \n (nueva línea) , que no se maneja en una expresion "document.cookie =" de JavaScript es una vulnerabilidad diferente a CVE-2011-2374. • http://www.mozilla.org/security/announce/2011/mfsa2011-19.html http://www.redhat.com/support/errata/RHSA-2011-0885.html http://www.redhat.com/support/errata/RHSA-2011-0886.html http://www.redhat.com/support/errata/RHSA-2011-0887.html http://www.redhat.com/support/errata/RHSA-2011-0888.html https://bugzilla.mozilla.org/show_bug.cgi?id=643051 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14401 https://access.redhat.com/security/cve/CVE-2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2011-2366
https://notcve.org/view.php?id=CVE-2011-2366
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader. Mozilla Gecko usado en Firefox v5.0 y Thunderbird antes de v5.0, no bloquea el uso de una imagen como textura WebGL en dominios cruzados, lo que permite a atacantes remotos obtener copias aproximadas de imágenes arbitrarias mediante un ataque de temporizacion mediante la participación de un fragmento sombreado manipulado en WebGL. • http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2011-March/030882.html http://www.contextis.co.uk/resources/blog/webgl http://www.mozilla.org/security/announce/2011/mfsa2011-25.html https://bugzilla.mozilla.org/show_bug.cgi?id=655987 https://bugzilla.mozilla.org/show_bug.cgi?id=656277 https://bugzilla.mozilla.org/show_bug.cgi?id=659349 https://developer.mozilla.org/en/WebGL/Cross-Domain_Textures https: • CWE-20: Improper Input Validation •
CVE-2011-2370
https://notcve.org/view.php?id=CVE-2011-2370
Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors. Mozilla Firefox antes de v5.0 no aplica correctamente la lista blanca para la funcionalidad xpinstall, lo que permite a atacantes remotos para provocar un cuadro de diálogo de instalación de un (1) add-on o (2) el tema a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html http://www.mozilla.org/security/announce/2011/mfsa2011-28.html https://bugzilla.mozilla.org/show_bug.cgi?id=645699 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14278 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-2374 – Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)
https://notcve.org/view.php?id=CVE-2011-2374
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox antes de v3.6.18 y v4.x hasta v4.0.1 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código de su elección a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html http://secunia.com/advisories/45002 http://support.avaya.com/css/P8/documents/100144854 http://support.avaya.com/css/P8/documents/100145333 http://www.debian.org/security/2011/dsa-2268 http://www.debian.org/security/2011/dsa-2269 http://www.debian.org/security/2011/dsa-2273 http://www.mandriva.com/security/advisories?name=MDVSA-2011:111 http://www.mozilla.org/security/announce/2011/mfsa2011-19.html h •