exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2015-0802

Status Candidate

Overview

Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.

Related Files

Gentoo Linux Security Advisory 201512-10
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-10 - Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 38.5.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0798, CVE-2015-0799, CVE-2015-0801, CVE-2015-0802, CVE-2015-0803, CVE-2015-0804, CVE-2015-0805, CVE-2015-0806, CVE-2015-0807, CVE-2015-0808, CVE-2015-0810, CVE-2015-0811, CVE-2015-0812, CVE-2015-0813, CVE-2015-0814, CVE-2015-0815, CVE-2015-0816, CVE-2015-2706, CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2730, CVE-2015-2731
SHA-256 | 8b345c71a57deda9f0a8d7eb50719b94a327aadac84155e9eb75aa9517d6449e
Ubuntu Security Notice USN-2550-1
Posted Apr 1, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2550-1 - Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin policy restrictions. Bobby Holley discovered that windows created to hold privileged UI content retained access to privileged internal methods if navigated to unprivileged content. An attacker could potentially exploit this in combination with another flaw, in order to execute arbitrary script in a privileged context. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, windows, ubuntu
advisories | CVE-2015-0801, CVE-2015-0802, CVE-2015-0803, CVE-2015-0804, CVE-2015-0805, CVE-2015-0806, CVE-2015-0807, CVE-2015-0808, CVE-2015-0811, CVE-2015-0812, CVE-2015-0813, CVE-2015-0814, CVE-2015-0815, CVE-2015-0816
SHA-256 | 7a4778580cea3216629da61c7d110c82995a0a2ca6fbe876e5ada7c5c46b1841
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close