Threat Encyclopedia

Browse the Fortiguard Labs extensive encyclopedia of threats. Click any title to view more details of the threat. Can't find what you are looking for? Try using the search bar above to find a specific threat description.

Mozilla developer Bobby Holley discovered that it was possible to bypass some protections in Chrome Object Wrappers (COW) and...

Jun 22, 2016
Mozilla developer Jeff Gilbert discovered a mechanism where a malicious site with WebGL content could inject content from its...

Jun 22, 2016
Security researcher Ronald Crane reported five 'moderate' rated vulnerabilities affecting released code that were found through...

Jun 22, 2016
Mozilla developer Bobby Holley reported that windows created to hold privileged UI content retained access to privileged internal...

Jun 22, 2016
Mozilla developer Boris Zbarsky reported that in some circumstances a wrapped WebIDL object can be wrapped multiple times, overwriting...

Jun 22, 2016
The CESG, the Information Security Arm of GCHQ, reported that the JavaScript .watch() method could be used to overflow the 32-bit...

Jun 22, 2016
Mozilla community member Ezra Pool reported a potentially exploitable crash on extremely large pages. This was caused when a cycle...

Jun 22, 2016
Security researcher Cody Crews reported that some Javascript components will perform checks against the wrong uniform resource...

Jun 22, 2016
Bugzilla developer Fr d ric Buclin reported that the X-Frame-Options header is ignored when server push is used in multi-part...

Jun 22, 2016
Security researcher Cody Crews reported a method to trigger chrome level XML Binding Language (XBL) bindings through web content....

Jun 22, 2016
Security researcher Joe Vennix from Rapid7 reported that passing a JavaScript object to XMLHttpRequest that mimics an input stream...

Jun 22, 2016
Mozilla security engineer Frederik Braun reported an issue where the implementation of Content Security Policy (CSP) is not in...

Jun 22, 2016
Mozilla developer Bobby Holley reported that Document Object Model (DOM) objects with some specific properties can bypass XrayWrappers....

Jun 22, 2016
Mozilla security researcher moz_bug_r_a4 reported that XrayWrappers can be bypassed to call content-defined toString and valueOf...

Jun 22, 2016
Mozilla developer David Keeler reported that the crypto.generateCRFMRequest method did not correctly validate the key type of...

Jun 22, 2016
Mozilla engineer Matt Wobensmith discovered that when the getUserMedia permission dialog for an iframe appears in one domain,...

Jun 22, 2016
Security researchers Tim Philipp Sch fers and Sebastian Neef, the team of Internetwache.org, reported a mechanism using JavaScript...

Jun 22, 2016
Security researcher Mariusz Mlynski reported, through HP Zero Day Initiative's Pwn2Own contest, that documents loaded though a...

Jun 22, 2016
Security researcher Muneaki Nishimura reported that navigator.sendBeacon() does not follow the cross-origin resource sharing (CORS)...

Jun 22, 2016