RSS   Vulnerabilities for 'Unity-firefox-extension'   RSS

2012-12-26
 
CVE-2012-0958

 

 
content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage.

 
2012-11-24
 
CVE-2012-0960

 

 
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.

 

 >>> Vendor: Ps project management team 2 Products
Unity-firefox-extension
Libunity-webapps


Copyright 2024, cxsecurity.com

 

Back to Top