Search CVE reports
1 – 4 of 4 results
CVE-2013-1055
Low prioritySome fixes available 2 of 5
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and...
1 affected packages
unity-firefox-extension
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| unity-firefox-extension | — | — | — | — | — |
CVE-2013-1054
Low prioritySome fixes available 2 of 5
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in...
1 affected packages
unity-firefox-extension
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| unity-firefox-extension | — | — | — | — | — |
CVE-2012-0960
Medium priorityUnity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via...
1 affected packages
unity-firefox-extension
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| unity-firefox-extension | — | — | — | — | — |
CVE-2012-0958
Medium prioritycontent/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a...
1 affected packages
unity-firefox-extension
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| unity-firefox-extension | — | — | — | — | — |