![]() ![]() Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |