Vulnerability & Exploit Database

Displaying entries 161 - 170 of 135924 in total

MFSA2018-21 Firefox: Security vulnerabilities fixed in Firefox ESR 60.2 (CVE-2018-12381) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.

MFSA2018-21 Firefox: Security vulnerabilities fixed in Firefox ESR 60.2 (CVE-2018-12379) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur.

MFSA2018-21 Firefox: Security vulnerabilities fixed in Firefox ESR 60.2 (CVE-2018-12376) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Mozilla developers and community members Alex Gaynor, Boris Zbarsky, Christoph Diehl, Christian Holler, Jason Kratzer, Jed Davis, Tyson Smith, Bogdan Tara, Karl Tomlinson, Mats Palmgren, Nika Layzell, Ted Campbell, and Andrei Cristian Petcu reported memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed ...

MFSA2018-20 Firefox: Security vulnerabilities fixed in Firefox 62 (CVE-2018-12383) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could all...

MFSA2018-20 Firefox: Security vulnerabilities fixed in Firefox 62 (CVE-2018-12381) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.

MFSA2018-20 Firefox: Security vulnerabilities fixed in Firefox 62 (CVE-2018-12379) Vulnerability

  • Severity: 4
  • Published: September 05, 2018

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur.