Ps Project Management Team : Security Vulnerabilities, CVEs,
Use-after-free vulnerability in libunity-webapps before 2.4.1 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted web site, related to "certain hash tables."
Max CVSS
7.5
EPSS Score
1.03%
Published
2012-11-30
Updated
2012-12-03
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.
Max CVSS
7.5
EPSS Score
5.20%
Published
2012-11-24
Updated
2017-08-29
content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage.
Max CVSS
4.3
EPSS Score
0.18%
Published
2012-12-26
Updated
2013-01-11
3 vulnerabilities found