424733
|
|
[FIX]CSS -moz-binding property bypasses security checks on codebase principals
|
Core
|
Security: CAPS
|
bzbarsky
|
RESO
|
FIXE
|
2009-01-08
|
455311
|
|
[FIX]mid-autumn festival vulnerability
|
Core
|
Networking: File
|
bzbarsky
|
RESO
|
FIXE
|
2013-08-27
|
355567
|
|
Firefox stores corrupted version of cached JavaScript file (merges two files together)
|
Core
|
Networking: Cache
|
michal.novotny
|
RESO
|
FIXE
|
2009-04-20
|
141606
|
|
tags applied (IMAP) when offline not available after going online
|
MailNews Core
|
Backend
|
mozilla
|
RESO
|
FIXE
|
2008-11-04
|
416284
|
|
Detached attachments should not be able to be re-detached
|
MailNews Core
|
Attachments
|
mkmelin+mozilla
|
RESO
|
FIXE
|
2012-06-20
|
457411
|
|
[1.8 branch] Crash while uploading files to MediaFire.com [@ nsXMLHttpRequest::ConvertBodyToText]
|
Core
|
General
|
bzbarsky
|
RESO
|
DUPL
|
2011-06-09
|
355126
|
|
stealing pictures via canvas and http redirect
|
Core
|
Graphics: Canvas2D
|
joe
|
RESO
|
FIXE
|
2020-10-25
|
390219
|
|
Trunk topcrash [@ nsXMLHttpRequest::OnStartRequest]
|
Core
|
DOM: Core & HTML
|
jonas
|
RESO
|
FIXE
|
2019-03-13
|
370118
|
|
Thunderbird refuses to start: "Cannot find mozilla runtime directory. Exiting."
|
Thunderbird
|
Build Config
|
standard8
|
RESO
|
FIXE
|
2008-10-23
|
450909
|
|
missing support for AIX target in configure.in
|
Firefox Build System
|
General
|
ul.mcamafia
|
RESO
|
FIXE
|
2018-03-02
|
352604
|
|
"Assertion failure: !OBJ_GET_PROTO(cx, ctor)" after deleting Function
|
Core
|
JavaScript Engine
|
crowderbt
|
VERI
|
FIXE
|
2011-02-12
|
89419
|
|
[PATCH] Caching of images loaded from a 302 is broken
|
Core
|
Graphics: ImageLib
|
joe
|
VERI
|
FIXE
|
2014-04-26
|
462034
|
|
[FIX]Should consider .desktop files executable on Linux
|
Core
|
XPCOM
|
bzbarsky
|
VERI
|
FIXE
|
2010-02-13
|
455663
|
|
[fr] Correcteur d'orthographe dans le champ 'Sujet"
|
Mozilla Localization
|
fr / French
|
cedric.corazza
|
VERI
|
FIXE
|
2009-04-24
|
453915
|
|
XML injection possible in E4X parsing via "default xml namespace"
|
Core
|
JavaScript Engine
|
crowderbt
|
VERI
|
FIXE
|
2009-01-14
|
454113
|
|
e4x/extensions/regress-374025.js - invalid write
|
Core
|
JavaScript Engine
|
crowderbt
|
VERI
|
FIXE
|
2014-10-11
|
457093
|
|
toString on js function w/ try catch silently hangs js execution
|
Core
|
JavaScript Engine
|
crowderbt
|
VERI
|
FIXE
|
2008-09-30
|
452689
|
|
Crash in [@ nsPrefBranch::SetComplexValue] passing RSS feed URL to FeedDemon
|
Firefox Graveyard
|
RSS Discovery and Pr
|
gavin.sharp
|
VERI
|
FIXE
|
2018-12-20
|
451619
|
|
Redirects permit cross-domain and local-system image disclosure via CANVAS
|
Firefox
|
Security
|
joe
|
VERI
|
FIXE
|
2009-01-05
|
433610
|
|
Mozilla Firefox Flash Player Dynamic Module Unloading Vulnerability (ZDI-CAN-259)
|
Core Graveyard
|
Plug-ins
|
jstenback+bmo
|
VERI
|
FIXE
|
2022-05-16
|
436741
|
|
"Assertion failure: OBJ_IS_NATIVE(obj)" with __proto__ mangling
|
Core
|
JavaScript Engine
|
mrbkap
|
VERI
|
FIXE
|
2009-05-07
|
452295
|
|
segfault: echo 'eval("1")' | ./js
|
Core
|
JavaScript Engine
|
mrbkap
|
VERI
|
FIXE
|
2008-10-23
|
459906
|
|
XSS vulnerability in session restore
|
Firefox
|
Session Restore
|
mrbkap
|
VERI
|
FIXE
|
2011-06-29
|
460983
|
|
Arbitrary code execution using bug 459906
|
Firefox
|
Session Restore
|
mrbkap
|
VERI
|
FIXE
|
2009-07-22
|
458883
|
|
Make Document.documentURI and .textContent noAccess in mailnews
|
MailNews Core
|
Security
|
philringnalda
|
VERI
|
FIXE
|
2009-01-05
|
460002
|
|
It's possible to circumvent the inner window check in nsXMLHttpRequest::NotifyEventListeners()
|
Core
|
Security
|
smaug
|
VERI
|
FIXE
|
2009-01-05
|
450864
|
|
c++ style comment in parser/expat/lib/moz_extensions.c
|
Core
|
XML
|
ul.mcamafia
|
VERI
|
FIXE
|
2008-10-21
|
454908
|
|
sessionstore.js stores contents of password fields in plaintext
|
Firefox
|
Session Restore
|
zeniko
|
VERI
|
FIXE
|
2008-11-04
|