Articles récents

Catégories

Protégé : icon_firefoxCross-Browser Issue CVE-2019-11695: Custom cursor can render over user interface outside of web content

Il n’y a pas d’extrait, car cette publication est protégée.

icon_firefoxSimilar vulerability in Firefox 51.0.1 fixed in Firefox 52 than CVE-2017-5387 Ability to determine the existence of a file in the local filesystem using tag with onerror event

BUG 1342693 Similar vulerability in Firefox 51.0.1 fixed in Firefox 52 than CVE-2017-5387 Ability to determine the existence of a file in the local filesystem using tag with onerror event Advisories URL to similar vulnerability fixed Firefox 51: https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5387 Announced: March 7, 2017 Reporter: Jordi Chancel Impact: Moderate / Low Products: Firefox Fixed in: Firefox 52 Description : The existence of a specifically requested local file can be found due

icon_firefox[CVE-2018-12382] Addressbar spoofing with javascript URI on Firefox for Android

https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12382 CVE-2018-12382: Addressbar spoofing with javascript URI on Firefox for Android Announced: September 5, 2018Reporter: Jordi ChancelImpact: LowProducts: FirefoxFixed in: Firefox 62 Description : The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion.This vulnerability only affects

icon_firefox[CVE-2018-5182] Local file can be displayed from hyperlink dragged and dropped on Addressbar

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5182   Local file can be displayed from hyperlink dragged and dropped on Addressbar Announced: May 9, 2018 Reporter: Jordi Chancel Impact: Low Products: Firefox Fixed in: Firefox 60 Description : If a text string that happens to be a filename in the operating system’s native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would

icon_firefox[CVE-2017-7834] Data: URLs opened in new tabs bypass CSP protections

https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/#CVE-2017-7834 data: URLs opened in new tabs bypass CSP protections Announced: November 14, 2017 Reporter: Jordi Chancel Impact: Moderate Products: Firefox Fixed in: Firefox 57 Description : A data: URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when data: documents also inherited the context of the

icon_firefox[CVE-2017-7770] Addressbar spoofing with JavaScript events and fullscreen mode on Firefox for Android

https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7770 Addressbar spoofing with JavaScript events and fullscreen mode Announced: June 13, 2017 Reporter: Jordi Chancel Impact: Moderate Products: Firefox Fixed in: Firefox 54 Description : Security researcher Jordi Chancel reported a mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of

icon_firefox[CVE-2017-5451] Addressbar spoofing with onblur event

Addressbar spoofing with onblur event https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5451 Announced: April 19, 2017 Reporter: Jordi Chancel Impact: Moderate Products: Firefox Fixed in: Firefox 53 Description : Security researcher Jordi Chancel reported a mechanism to spoof the addressbar through the user interaction on the addressbar and the onblur event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded

icon_firefox[CVE-2017-5452] Addressbar spoofing during scrolling with editable content on Firefox for Android

Addressbar spoofing during scrolling with editable content on Firefox for Android https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5452 Announced: April 19, 2017 Reporter: Jordi Chancel Impact: Low Products: Firefox Fixed in: Firefox 53 Description : Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android.

[CVE-2017-5041] Google Chrome Location Bar URL & SSL Spoofing in Omnibox

Address spoofing in Omnibox (URL & SSL Spoofing) Announced: March 9, 2017 Reporter: Jordi Chancel Impact: Moderate Products: Google Chrome Fixed in: Google Chrome 57.0.2987.98 Description : Google Chrome before 57.0.2987.98 does not properly handle ********, which allows remote attackers to spoof the Location Bar (URL and SSL indicator) via unspecified vectors. Note: This issue also affects Google Chrome for iOS. Vulnerability demonstration (video):

icon_firefox[CVE-2017-5394] Android location bar spoofing using fullscreen and JavaScript events

Android location bar spoofing using fullscreen and JavaScript events Announced: January 24, 2017 Reporter: Jordi Chancel Impact: Moderate Products: Firefox Fixed in: Firefox 51 Description : A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. Note: This issue only affects Firefox for Android. Other operating systems are

icon_firefox[CVE-2017-5395] Android location bar spoofing during scrolling

Android location bar spoofing during scrolling Announced: January 24, 2017 Reporter: Jordi Chancel Impact: Low Products: Firefox Fixed in: Firefox 51 Description : Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed correctly. Note: This issue only affects Firefox for Android. Other operating systems are

icon_firefox[CVE-2016-5298] SSL indicator can mislead the user about the real URL visited

SSL indicator can mislead the user about the real URL visited Announced: November 15, 2016 Reporter: Jordi Chancel Impact: Moderate Products: Firefox Fixed in: Firefox 50 Description : Security researcher Jordi Chancel reported a mechanism where disruption of the loading of a new web page can cause the previous page’s favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox

icon_firefox[CVE-2016-2822] Addressbar spoofing though the SELECT element

Addressbar spoofing though the SELECT element Announced: June 7, 2016 Reporter: Jordi Chancel Impact: Moderate Products: Firefox, Firefox ESR Fixed in: Firefox 47, Firefox ESR 45.2 Description : Security researcher Jordi Chancel reported a method to spoof the contents of the addressbar. This uses a persistent menu within a <select> element, which acts as a container for HTML content and can be placed in an arbitrary location. When placed over

icon_firefox[CVE-2016-1967] Same-origin policy violation using perfomance.getEntries and history navigation with session restore

Same-origin policy violation using perfomance.getEntries and history navigation with session restore Announced: March 8, 2016 Reporter: Jordi Chancel Impact: High Products: Firefox Fixed in: Firefox 45 Description Security researcher Jordi Chancel discovered a variant of Mozilla Foundation Security Advisory 2015-136 which was fixed in Firefox 43. In the original bug, it was possible to read cross-origin URLs following a redirect if perfomance.getEntries() was used along with an iframe to host

icon_firefox[CVE-2016-1941] Delay following click events in file download dialog too short on OS X

Delay following click events in file download dialog too short on OS X Announced: January 26, 2016 Reporter: Jordi Chancel Impact: Moderate Products: Firefox Fixed in: Firefox 44 Description Security researcher Jordi Chancel reported an issue on OS X where the delay between the download dialog getting focus and the button getting enabled was too short. If an attacker is able to induce the user to double-click in a specific

icon_firefox[CVE-2016-1943] Location Bar Spoofing Risk – scrollto leads to that the location bar is hidden

Location Bar Spoofing Risk – scrollto leads to that the location bar is hidden Announced: January 26, 2016 Reporter: Jordi Chancel Impact: High Products: Firefox Fixed in: Firefox 44 Description Security researcher Jordi Chancel reported two issues involving addressbar spoofing. The first of these is a « high » rated security issue on on Firefox for Android involving the scrollTo() method to scroll a page. In this attack, scrollTo() is used to

icon_firefox[CVE-2016-1942] Location bar continues displaying wyciwyg URI and resource URI if user tries to navigate to it manually

Location bar continues displaying wyciwyg URI and resource URI if user tries to navigate to it manually Announced: January 26, 2016 Reporter: Jordi Chancel Impact: Low Products: Firefox Fixed in: Firefox 44 Description Security researcher Jordi Chancel reported two issues involving addressbar spoofing. The second flaw is a « low » rated security issue affecting Desktop Firefox. In this attack, when a URL which is invalid for an internal protocol is pasted

icon_firefox[CVE 2015-7186] Reading sensitive profile files through local HTML file on Android

Reading sensitive profile files through local HTML file on Android Announced: November 3, 2015 Reporter: Jordi Chancel Impact: Moderate Products: Firefox Fixed in: Firefox 42 Description Security researcher Jordi Chancel reported an issue in Firefox for Android where a locally saved HTML file could use file: URIs to trigger the download of additional files or opening of cached profile data without user awareness. This issue only affects Firefox for Android.