VuXML ID | Description |
5e4d7172-66b8-11ef-b104-b42e991fc52e | firefox -- multiple vulnerabilities
security@mozilla.org reports:
- Firefox adds web-compatibility shims in place of some
tracking scripts blocked by Enhanced Tracking Protection.
On a site protected by Content Security Policy in
"strict-dynamic" mode, an attacker able to
inject an HTML element could have used a DOM
Clobbering attack on some of the shims and achieved XSS,
bypassing the CSP strict-dynamic protection.
- Form validation popups could capture escape key presses.
Therefore, spamming form validation messages could be used
to prevent users from exiting full-screen mode.
- When almost out-of-memory an elliptic curve key which
was never allocated could have been freed again.
- It was possible to move the cursor using pointerlock
from an iframe. This allowed moving the cursor outside
of the viewport and the Firefox window.
Discovery 2024-08-06 Entry 2024-08-30 firefox
< 129.0,2
CVE-2024-7524
https://nvd.nist.gov/vuln/detail/CVE-2024-7524
CVE-2024-6610
https://nvd.nist.gov/vuln/detail/CVE-2024-6610
CVE-2024-6609
https://nvd.nist.gov/vuln/detail/CVE-2024-6609
CVE-2024-6608
https://nvd.nist.gov/vuln/detail/CVE-2024-6608
|
a3a1caf5-6ba1-11ef-b9e8-b42e991fc52e | firefox -- multiple vulnerabilities
security@mozilla.org reports:
This entry contains 8 vulnerabilities:
- CVE-2024-8381: A potentially exploitable type
confusion could be triggered when looking up a property
name on an object being used as the `with` environment.
- CVE-2024-8382: Internal browser event interfaces were
exposed to web content when privileged EventHandler listener
callbacks ran for those events. Web content that tried to
use those interfaces would not be able to use them with
elevated privileges, but their presence would indicate
certain browser features had been used, such as when a user
opened the Dev Tools console.
- CVE-2024-8383: Firefox normally asks for confirmation
before asking the operating system to find an application to
handle a scheme that the browser does not support. It did not
ask before doing so for the Usenet-related schemes news: and
snews:. Since most operating systems don't have a
trusted newsreader installed by default, an unscrupulous
program that the user downloaded could register itself as a
handler. The website that served the application download
could then launch that application at will.
- CVE-2024-8384: The JavaScript garbage collector could
mis-color cross-compartment objects if OOM conditions were
detected at the right point between two passes. This could have
led to memory corruption.
- CVE-2024-8385: A difference in the handling of
StructFields and ArrayTypes in WASM could be used to trigger
an exploitable type confusion vulnerability.
- CVE-2024-8386: If a site had been granted the permission
to open popup windows, it could cause Select elements to
appear on top of another site to perform a spoofing attack.
- CVE-2024-8387: Memory safety bugs present in Firefox 129,
Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs
showed evidence of memory corruption and we presume that with
enough effort some of these could have been exploited to run
arbitrary code.
- CVE-2024-8389: Memory safety bugs present in Firefox 129.
Some of these bugs showed evidence of memory corruption and we
presume that with enough effort some of these could have been
exploited to run arbitrary code.
Discovery 2024-09-03 Entry 2024-09-05 firefox
< 130.0_1,2
CVE-2024-8381
https://nvd.nist.gov/vuln/detail/CVE-2024-8381
CVE-2024-8382
https://nvd.nist.gov/vuln/detail/CVE-2024-8382
CVE-2024-8383
https://nvd.nist.gov/vuln/detail/CVE-2024-8383
CVE-2024-8384
https://nvd.nist.gov/vuln/detail/CVE-2024-8384
CVE-2024-8385
https://nvd.nist.gov/vuln/detail/CVE-2024-8385
CVE-2024-8386
https://nvd.nist.gov/vuln/detail/CVE-2024-8386
CVE-2024-8387
https://nvd.nist.gov/vuln/detail/CVE-2024-8387
CVE-2024-8389
https://nvd.nist.gov/vuln/detail/CVE-2024-8389
|
d0ac9a17-5e68-11ef-b8cc-b42e991fc52e | mozilla products -- spoofing attack
security@mozilla.org reports:
Select options could obscure the fullscreen notification dialog.
This could be used by a malicious site to perform a spoofing attack.
This vulnerability affects Firefox < 129, Firefox ESR < 128.1,
and Thunderbird < 128.1.
Discovery 2024-08-06 Entry 2024-08-19 firefox
< 129,2
CVE-2024-7518
https://nvd.nist.gov/vuln/detail/CVE-2024-7518
|