Posts Tagged ‘Mozilla Firefox’


Vulnerabilities in Mozilla Firefox and ThunderbirdMultiple vulnerabilities in Mozilla Firefox, Firefox ESR and Thunderbird

The remote user can bypass certain security restrictions, gain access to sensitive information and compromise a vulnerable system.

Danger level: High
Availability of corrections: Yes
Quantity of vulnerabilities: 10

CVSSv2 Rating:

(AV:N/AC:M/Au:N/C:C/I:C/A:N/E:U/RL:W/RC:C) = Base:8.8/Temporal:7.1
(AV:N/AC:M/Au:N/C:C/I:C/A:N/E:U/RL:W/RC:C) = Base:8.8/Temporal:7.1
(AV:N/AC:M/Au:N/C:P/I:C/A:N/E:U/RL:W/RC:C) = Base:7.8/Temporal:6.3
(AV:N/AC:M/Au:N/C:C/I:C/A:N/E:U/RL:W/RC:C) = Base:8.8/Temporal:7.1
(AV:N/AC:M/Au:N/C:C/I:C/A:N/E:U/RL:W/RC:C) = Base:8.8/Temporal:7.1
(AV:N/AC:M/Au:N/C:P/I:C/A:N/E:U/RL:W/RC:C) = Base:7.8/Temporal:6.3
(AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:W/RC:C) = Base:4.3/Temporal:3.5
(AV:N/AC:M/Au:N/C:C/I:C/A:N/E:U/RL:W/RC:C) = Base:8.8/Temporal:7.1
(AV:N/AC:M/Au:N/C:P/I:C/A:N/E:U/RL:W/RC:C) = Base:7.8/Temporal:6.3 (more…)

Firefox logo

Multiple vulnerabilities

The new version was implemented regime Firefox Health Report, which allows to monitor the performance of the browser.

According to the developers of the browser from the Mozilla, users have available the new version, Firefox 21, which was removed a number of vulnerabilities, including three critical.

Experts was eliminated a totalĀ  of eight gaps. It should be noted that two of the critical vulnerabilities affect only Firefox, Thunderbird, and since the other company’s products are no vulnerable components.

Among the updates that are not related to security, it is worth noting the expansion of the user interface to configure the Do Not Track, an increase in graphics performance and support for the implementation of the default technology WebRTC, designed to work with multi-user web-applications. (more…)

Google Chrome and Mozilla products

Google Chrome and Mozilla products

Vulnerability: System compromise in Google Chrome

Danger level: High
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2013-0912
Vector of operation: Remote
Impact: System Compromise

Affected products: Google Chrome 25.x
Affected versions: Google Chrome 25.C

Description:

Which can be exploited by malicious people to compromise a vulnerable system.
An error such as confusion in WebKit. A remote user can bypass the sandbox and execute arbitrary code on the target system.
Solution: To resolve the vulnerability patch from the manufacturer. (more…)

Vulnerability

Vulnerabilities in Mozilla

Vulnerability: Multiple vulnerabilities in Mozilla products

Danger: High
Patch: Yes
Number of vulnerabilities: 25

Affected products: Mozilla Firefox 17.x, Mozilla SeaMonkey 2.x, Mozilla Thunderbird 17.x

Affected versions: Mozilla Firefox 17.x, Mozilla SeaMonkey 2.x, Mozilla Thunderbird 17.x

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system.

1. An unspecified error in the browser engine. This can be exploited to corrupt memory and execute arbitrary code on the target system.

2. An unspecified error in the browser engine. This can be exploited to corrupt memory and execute arbitrary code on the target system.

3. An unspecified error in the browser engine. This can be exploited to corrupt memory and execute arbitrary code on the target system. (more…)

Mozilla FirefoxVulnerability: Disclosure of sensitive data in Mozilla Firefox

Danger: Low
Number of vulnerabilities: 1
Impact: Disclosure of sensitive data
Affected products: Mozilla Firefox 16.x

Affected versions: Mozilla Firefox 16.0

Description:

  • The vulnerability allows a remote user to gain access to sensitive data on the system. (more…)