Mozilla Firefox addEventListener和setTimeout实现跨站脚本漏洞

相关漏洞

• Skia and Firefox: Integer overflow in SkTDArray leading to out-of-bounds write(CVE-2018-5159)
• Mozilla Firefox WebExtensions can download and open non-executable files without user interaction(CVE-2017-7821)
• Mozilla Firefox: out-of-bounds read in gfxTextRun(CVE-2017-5447)
• Mozilla Firefox: Memory disclosure in ConvolvePixel(CVE-2017-5465)
• Firefox Integer overflow leading to a buffer overflow in nsScriptLoadHandler (CVE-2016-9066)
• Mozilla Firefox webkitdirectory local files disclosure (CVE-2017-5414)
• Mozilla Firefox: use-after-poison in nsStylePadding::GetPadding
• Mozilla Firefox table use-after-free（CVE-2017-5404）
• Firefox Integer overflow leading to a buffer overflow in nsScriptLoadHandler (CVE-2016-9066)
• FireFox RCE by chaining small bugs