Page 110 of 672 results (0.016 seconds)

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 1

CVE-2017-7754 – Mozilla: Out-of-bounds read in WebGL with ImageInfo object (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-7754

An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Lectura fuera de límites en WebGL con un objeto "ImageInfo" maliciosamente manipulado durante las operaciones WebGL. La vulnerabilidad afecta a Firefox en versiones anteriores a la 54, Firefox ESR en versiones anteriores a la 52.2 y Thunderbird en versiones anteriores a la 52.2. • http://www.securityfocus.com/bid/99057 http://www.securitytracker.com/id/1038689 https://access.redhat.com/errata/RHSA-2017:1440 https://access.redhat.com/errata/RHSA-2017:1561 https://bugzilla.mozilla.org/show_bug.cgi?id=1357090 https://www.debian.org/security/2017/dsa-3881 https://www.debian.org/security/2017/dsa-3918 https://www.mozilla.org/security/advisories/mfsa2017-15 https://www.mozilla.org/security/advisories/mfsa2017-16 https://www.mozilla.org/security/advisories • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0

CVE-2017-7749 – Mozilla: Use-after-free during docshell reloading (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-7749

A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Vulnerabilidad de uso de memoria previamente liberada al emplear una URL incorrecta durante la recarga de un docshell. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/99057 http://www.securitytracker.com/id/1038689 https://access.redhat.com/errata/RHSA-2017:1440 https://access.redhat.com/errata/RHSA-2017:1561 https://bugzilla.mozilla.org/show_bug.cgi?id=1355039 https://www.debian.org/security/2017/dsa-3881 https://www.debian.org/security/2017/dsa-3918 https://www.mozilla.org/security/advisories/mfsa2017-15 https://www.mozilla.org/security/advisories/mfsa2017-16 https://www.mozilla.org/security/advisories • CWE-416: Use After Free •

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 1

CVE-2017-7764 – Mozilla: Domain spoofing with combination of Canadian Syllabics and other unicode blocks (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-7764

Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing attacks through character confusion. The current Unicode standard allows characters from "Aspirational Use Scripts" such as Canadian Syllabics to be mixed with Latin characters in the "moderately restrictive" IDN profile. We have changed Firefox behavior to match the upcoming Unicode version 10.0 which removes this category and treats them as "Limited Use Scripts.". This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Los caracteres del bloque unicode "Canadian Syllabics" pueden mezclarse con caracteres de otros bloques unicode en la barra de direcciones en lugar de ser presentados en su forma "punycode" sin procesar. • http://www.securityfocus.com/bid/99057 http://www.securitytracker.com/id/1038689 http://www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts https://access.redhat.com/errata/RHSA-2017:1440 https://access.redhat.com/errata/RHSA-2017:1561 https://bugzilla.mozilla.org/show_bug.cgi?id=1364283 https://www.debian.org/security/2017/dsa-3881 https://www.debian.org/security/2017/dsa-3918 https://www.mozilla.org/security/advisories/mfsa2017-15 https://www.mozilla.org • CWE-20: Improper Input Validation •

CVSS: 9.1EPSS: 0%CPEs: 17EXPL: 1

CVE-2017-7758 – Mozilla: Out-of-bounds read in Opus encoder (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-7758

An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Vulnerabilidad de lectura fuera de límites en el codificador Opus cuando el número de canales en una transmisión de audio cambia mientras el codificador sigue en uso. La vulnerabilidad afecta a Firefox en versiones anteriores a la 54, Firefox ESR en versiones anteriores a la 52.2 y Thunderbird en versiones anteriores a la 52.2. • http://www.securityfocus.com/bid/99057 http://www.securitytracker.com/id/1038689 https://access.redhat.com/errata/RHSA-2017:1440 https://access.redhat.com/errata/RHSA-2017:1561 https://bugzilla.mozilla.org/show_bug.cgi?id=1368490 https://www.debian.org/security/2017/dsa-3881 https://www.debian.org/security/2017/dsa-3918 https://www.mozilla.org/security/advisories/mfsa2017-15 https://www.mozilla.org/security/advisories/mfsa2017-16 https://www.mozilla.org/security/advisories • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-5467 – Mozilla: Memory corruption when drawing Skia content (MFSA 2017-12)

https://notcve.org/view.php?id=CVE-2017-5467

A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. Corrupción de memoria y cierre inesperado potencial al emplear el contenido Skia cuando se dibuja contenido fuera de los límites de una región de recorte. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.1, Firefox ESR en versiones anteriores a la 52.1 y Firefox en versiones anteriores a la 53. • http://www.securityfocus.com/bid/97940 http://www.securitytracker.com/id/1038320 https://access.redhat.com/errata/RHSA-2017:1106 https://access.redhat.com/errata/RHSA-2017:1201 https://bugzilla.mozilla.org/show_bug.cgi?id=1347262 https://www.mozilla.org/security/advisories/mfsa2017-10 https://www.mozilla.org/security/advisories/mfsa2017-12 https://www.mozilla.org/security/advisories/mfsa2017-13 https://access.redhat.com/security/cve/CVE-2017-5467 https://bugzilla.redhat.com/sho • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •