|
VCID-1enu-fnuh-5qcv
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2011-2373
|
|
VCID-3h7f-45eq-auh1
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2011-2370
|
|
VCID-ab7e-t6q5-q3d4
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2011-2369
|
|
VCID-g8br-k7np-kqce
|
Mozilla security researcher Christoph Diehl reported two
crashes in WebGL code. One crash was the result of an out-of-bounds
read and could be used to read data from other processes who had
stored data in the GPU. The severity of this issue was determined to
be high. The second crash was the result of an invalid write and could
be used to execute arbitrary code. The severity of this issue was
determined to be critical.The WebGL functionality was introduced in the browser engine used
by Firefox 4 and SeaMonkey 2.1; the vulnerability does not affect earlier versions.
|
CVE-2011-2367
|
|
VCID-pekr-h59g-7bfj
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2011-2377
|
|
VCID-r7nh-efjt-5qg1
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2011-2374
|
|
VCID-u7rd-j8cp-cbe8
|
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
allow execution of arbitrary code or local privilege escalation.
|
CVE-2011-2371
|
|
VCID-urpm-48cc-hkaw
|
Security research firm Context IS discovered that
an image from a different domain could be loaded into a WebGL texture,
and then each pixel could be rendered into a canvas element with a
shader program, creating an approximation of the image in a form that
was readable by the creator of the WebGL texture. This could be used
to steal image data from a different site and is considered a
violation of the same-origin policy.The WebGL functionality was introduced in the browser engine used
by Firefox 4 and SeaMonkey 2.1; the vulnerability does not affect earlier versions.
|
CVE-2011-2366
|