PLEASE SEE and for more details about OVAL language and definitions. This site will NOT BE LIABLE FOR ANY DIRECT, It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.ĮACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.ĪLL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED.
Use any information provided on this site at your own risk.īy using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete.Īll trademarks appearing on this site are the property of their respective owners in the US or other countries. It is not guaranteed that all information is accurate and complete. Warning: This site and all data are provided as is. Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 1. Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Fire. Heap-based buffer overflow in the nsSaveAsCharseterbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey. Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x befo. Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefo. Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0. Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x befo. Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12. Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x. Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0. ĭEPRECATED: Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird be.ĭocument URI misrepresentation and masqueradingįurther Privilege escalation through Mozilla Updater
ĬRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 throug.ĬRMF requests allow for code execution and XSS attacksĬross-site scripting (XSS) using history navigationsĬross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR.Ĭross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbir.ĭEPRECATED: Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the _android_log_.ĭEPRECATED: The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.ĭEPRECATED: The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before.
OVAL Classes Compliance Inventory Miscellaneous Patch VulnerabilityĬompliance Inventory Patch Vulnerability AllĪn unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0.Īvoid unsigned integer wrapping in PL_ArenaAllocateīuffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.īuffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thu.īuffer overflow when using non-XBL object as XBLīuffer overflow in Mozilla Maintenance Service and Mozilla Updaterīuffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thund.īuffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox.
OVAL Definitions Windows Compliance Inventory Patches Vulnerabilities Unix/Linux Compliance Inventory Patches Vulnerabilities Red Hat Advisories Suse Linux Advisories IOS PixOS Browse OVAL Objects OVAL Sources By Release Dates