504862
|
|
XSS due to window.dialogArguments accessible cross-domain (MSVR-09-0047 / ZDI-CAN-535)
|
Core
|
DOM: Core & HTML
|
jstenback+bmo
|
RESO
|
FIXE
|
2010-03-18
|
526500
|
|
Use-after-free error in HTML parser when handling out-of-memory conditions (SA37242)
|
Core
|
XPCOM
|
jonas
|
RESO
|
FIXE
|
2020-12-09
|
501934
|
|
Crash [@ nsXBLBinding::GenerateAnonymousContent] with DOMAttrModified and oncommand removing element and xbl:inherits="xbl:text"
|
Core
|
XBL
|
MatsPalmgren_bugz
|
RESO
|
FIXE
|
2011-06-13
|
455472
|
|
[FIX]code injection with Content-Type: application/octet-stream, embed and svg - no plugins required
|
Core
|
DOM: Core & HTML
|
bzbarsky
|
RESO
|
FIXE
|
2019-03-13
|
467005
|
|
Double items in layout when alert() called from mutation event handler
|
Core
|
DOM: Events
|
bzbarsky
|
RESO
|
FIXE
|
2010-06-20
|
535806
|
|
XUL cache lets HTML and XUL share stylesheets, can allow remote webpages to break browser UI
|
Core
|
XUL
|
bzbarsky
|
RESO
|
FIXE
|
2010-03-24
|
528300
|
|
Crash [@ txExecutionState::~txExecutionState]
|
Core
|
XSLT
|
peterv
|
RESO
|
FIXE
|
2011-06-13
|
536124
|
|
Update browser/toolkit copyright dates to 2010
|
Firefox
|
General
|
philringnalda
|
RESO
|
FIXE
|
2010-01-28
|
502687
|
|
GCGraphBuilder::AddNode crashes on OOM
|
Core
|
XPCOM
|
mrbkap
|
VERI
|
FIXE
|
2010-02-28
|
531364
|
|
Fix for bug 380474 does not work with security wrappers
|
Core
|
Security
|
mrbkap
|
VERI
|
FIXE
|
2010-05-09
|