This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.Ī use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.ĩ Debian Linux, Firefox, Firefox Esr and 6 more This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.ġ0 Ubuntu Linux, Debian Linux, Firefox and 7 moreĪ use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. Note: this issue does not affect users with e10s enabled. This allows content from other origins to fire events and inject content and commands into the Pocket context. The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.ħ Firefox, Firefox Esr, Enterprise Linux Desktop and 4 more The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.ġ0 Ubuntu Linux, Imagemagick, Enterprise Linux Desktop and 7 more 6 Debian, Fedoraproject, Mercurial and 3 moreġ4 Debian Linux, Fedora, Mercurial and 11 more
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |