CVSS: 9.3EPSS: 2%CPEs: 15EXPL: 0CVE-2012-0449 – Mozilla: Crash when rendering SVG+XSLT (MFSA 2012-08)
https://notcve.org/view.php?id=CVE-2012-0449
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document. Mozilla Firefox antes de v3.6.26 y v4.x hasta v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta v9.0, y SeaMonkey antes de v2.7, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección a través de una hoja de estilos XSLT que se encuentra embebida en un documento. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://www.debian.org/security/2012/dsa-2400 http://www.debian.org/security/2012/dsa-2402 http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-08.html h • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 88%CPEs: 19EXPL: 1CVE-2012-0444 – Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0444
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. Mozilla Firefox v3.6.26 y v4.x hasta el v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 no inicializa correctamente las estructuras de datos nsChildView, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria caida de la aplicación) o posiblemente ejecutar código de su elección a través de un archivo Ogg Vorbis debidamente manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of Ogg Vorbis media files. By crafting a stream with specific values , it is possible to cause a decoding loop that copies memory to write controlled data beyond the end of a fixed size buffer. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://secunia.com/advisories/48043 http://secunia.com/advisories/48095 http://www.debian.org/security/2012/dsa-2400 http://www.debian.org/security/2012/dsa-2402 http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 15EXPL: 1CVE-2012-0442 – Mozilla: memory safety hazards in 10.0/1.9.2.26 (MFSA 2012-01)
https://notcve.org/view.php?id=CVE-2012-0442
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox antes de 3v.6.26 y v4.x hasta la v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y bloqueo de la aplicación) o posiblemente ejecutar código de su elección a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://www.debian.org/security/2012/dsa-2400 http://www.debian.org/security/2012/dsa-2402 http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-01.html h •
CVSS: 9.3EPSS: 92%CPEs: 13EXPL: 2CVE-2011-3659 – Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3659
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. Una vulnerabilidad de uso después de liberaciónen Mozilla Firefox antes de v3.6.26 y v4.x hasta la v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 podría permitir a atacantes remotos ejecutar código de su elección a través de vectores relacionados con notificaciones AttributeChildRemoved incorrectas que afectan el acceso a nodos hijos nsDOMAttribute. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox handles nsDOMAttribute child removal. It is possible to remove a child without setting the removed child pointer to NULL, thus leaving it still accessible as a dangling pointer. • https://www.exploit-db.com/exploits/18870 http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-04.html https://bugzilla.mozilla.org/show_bug.cgi?id=708198 https://oval.cisecurity.org/repository/search/definit • CWE-416: Use After Free •
CVSS: 4.3EPSS: 71%CPEs: 16EXPL: 1CVE-2012-0053 – Apache - httpOnly Cookie Disclosure
https://notcve.org/view.php?id=CVE-2012-0053
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. protocol.c en Apache HTTP Server v2.2.x hasta la v2.2.21 no limita adecuadamente la información de cabecera durante la construcción de mensajes de error Bad Request (errores 400), lo que permite obtener los valores de las cookies HTTPOnly a atacantes remotos a través de vectores relacionados con una cabecera (1) demasiado larga o (2) mal formada con un script web desarrollado para este fin. • https://www.exploit-db.com/exploits/18442 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://httpd.apache.org/security/vulnerabilities_22.html http://kb.juniper.net/JSA10585 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html http://marc.info/?l=bugtraq&m=133294460209056&w=2 http:// •