CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 1CVE-2017-5434 – Mozilla: Use-after-free during focus handling (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5434
20 Apr 2017 — A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Ocurre una vulnerabilidad de uso de memoria previamente liberada al redireccionar la gestión de focus que resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.1, Firefox ESR en versiones anteriores a la 45.9, F... • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 1CVE-2017-5440 – Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5440
20 Apr 2017 — A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de uso de memoria previamente liberada durante el procesamiento XSLT debido al error para propagar condiciones de error durante el proceso de b... • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 1CVE-2017-5441 – Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5441
20 Apr 2017 — A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de uso de memoria previamente liberada al mantener una selección durante los eventos de desplazamiento. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2017-5469 – Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5469
20 Apr 2017 — Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Se han solucionado potenciales desbordamientos de búfer en el código Firefox generado debido a un problema CVE-2016-6354 en Flex. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.1, Firefox ESR en versiones anteriores a la 45.9, Firefox en versiones anteriores a la 52.1 y Firefox en versio... • http://www.securityfocus.com/bid/97940 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2017-5435 – Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5435
20 Apr 2017 — A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Ocurre una vulnerabilidad de uso de memoria previamente liberada durante el procesamiento de transacciones en el editor durante las interacciones del modo de diseño. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2017-5442 – Mozilla: Use-after-free during style changes (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5442
20 Apr 2017 — A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de uso de memoria previamente liberada durante los cambios de estilo al manipular elementos DOM. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 1CVE-2017-5445 – Mozilla: Uninitialized values used while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5445
20 Apr 2017 — A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad al analizar contenido de formato "application/http-index-format" en el que se emplean variables no inicializadas para crear un array. Esto podría permitir la lectura de memoria no ... • http://www.securityfocus.com/bid/97940 • CWE-129: Improper Validation of Array Index •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2017-5462 – Gentoo Linux Security Advisory 201705-04
https://notcve.org/view.php?id=CVE-2017-5462
20 Apr 2017 — A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Error en la generación de números DRBG en la biblioteca Network Security Services (NSS) cuando el V de estado interno no tra... • http://www.securityfocus.com/bid/97940 • CWE-682: Incorrect Calculation •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 1CVE-2017-5443 – Mozilla: Out-of-bounds write during BinHex decoding (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5443
20 Apr 2017 — An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de escritura fuera de límites al descodificar archivos de formato BinHex creados incorrectamente. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.1, Firefox ESR en versiones anteriores a la 45.9, Firefox en versiones anteriores a la 52.1 y Firefox en versiones anteriores a l... • http://www.securityfocus.com/bid/97940 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 1CVE-2017-5433 – Mozilla: Use-after-free in SMIL animation functions (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5433
20 Apr 2017 — A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Ocurre una vulnerabilidad de uso de memoria previamente liberada en las funciones de animación SMIL cuando los punteros a elementos animation en un array se separan del controlador d... • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •