Debian Linux Security Advisory 3345-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser.
24e00d0d8a4aa48074979e8bfa8b317c0e56f053929afcf2a9f45eb65eb335e9Red Hat Security Advisory 2015-1693-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox handled installation of add-ons. An attacker could use this flaw to bypass the add-on installation prompt, and trick the user into installing an add-on from a malicious source.
9b2e9a060e33cc0a2687081a2c395aa46ddf9b9ec1e52e6502df3079ce61d110Ubuntu Security Notice 2723-1 - A use-after-free was discovered when resizing a canvas element during restyling in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Bas Venis discovered that the addon install permission prompt could be bypassed using data: URLs in some circumstances. It was also discovered that the installation notification could be made to appear over another site. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to install a malicious addon. Various other issues were also addressed.
4d49a8932c386a3626af418e26cce00ed96770da2972b0601cb7c78619dbe836
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed