Unity Firefox Extension
Approved changes feed: RSS · Atom
cpe:2.3:a:canonical:unity-firefox-extension:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Canonical (bedcba35-8c3d-5a60-8532-2ba876a6ec88) |
|---|---|
| Product | Unity Firefox Extension (d790d2a0-7298-5002-9703-799970c8dd60) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2013-1055 |
vulnerable | 2026-06-03 14:32:47.859445 |
Potential DoS through abuse of rate limit in libunity-webapps for Firefox
MEDIUM (4.3)
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was hit. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 of unity-firefox-extension and in all versions of libunity-webapps by shipping an empty unity-firefox-extension package, thus disabling the extension entirely and invalidating the attack against the libunity-webapps package.
Published: 2021-04-07T19:20:18.808Z
Updated: 2024-09-16T21:08:08.783Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-1054 |
vulnerable | 2026-06-03 14:32:47.857768 |
Possible remote DOS in WebApps
MEDIUM (4.3)
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus disabling the extension entirely.
Published: 2021-04-07T19:20:18.126Z
Updated: 2024-09-16T23:32:01.687Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.