Page 117 of 1066 results (0.013 seconds)

CVSS: 5.6EPSS: 0%CPEs: 22EXPL: 1

CVE-2017-5405 – Mozilla: FTP response codes can cause use of uninitialized values for ports (MFSA 2017-06)

https://notcve.org/view.php?id=CVE-2017-5405

Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. Ciertos códigos de respuesta en las conexiones FTP pueden resultar en el uso de valores no inicializados para los puertos en las operaciones FTP. La vulnerabilidad afecta a Firefox en versiones anteriores a la 52, Firefox ESR en versiones anteriores a la 45.8, Thunderbird en versiones anteriores a la 52 y Thunderbird en versiones anteriores a la 45.8. • http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96693 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1336699 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org/security/2017/dsa-3805 https://www.debian.org/security/2017/dsa-3832 https • CWE-1187: DEPRECATED: Use of Uninitialized Resource •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

CVE-2017-5402 – Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)

https://notcve.org/view.php?id=CVE-2017-5402

A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. Puede ocurrir un uso de memoria previamente liberada cuando se lanzan eventos para un objeto "FontFace" una vez el objeto ha sido ya destruido mientras se trabaja con fuentes. Esto resulta en un cierre inesperado potencialmente explotable. • http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96664 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1334876 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org/security/2017/dsa-3805 https://www.debian.org/security/2017/dsa-3832 https • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0

CVE-2017-5398 – Mozilla: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 (MFSA 2017-06)

https://notcve.org/view.php?id=CVE-2017-5398

Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. Se han reportado errores de seguridad de memoria en Thunderbird 45.7. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96651 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2017-5373 – Mozilla: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (MFSA 2017-01)

https://notcve.org/view.php?id=CVE-2017-5373

Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. Se han reportado errores de seguridad de memoria en Firefox 50.1 y Firefox ESR 45.6. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0190.html http://rhn.redhat.com/errata/RHSA-2017-0238.html http://www.securityfocus.com/bid/95762 http://www.securitytracker.com/id/1037693 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877 https://security.gentoo.org/glsa/201702-13 https://security.gentoo.org/glsa/201702-22 https://www.debian.org/security/2017/dsa-3771 https://www.debian.org/security/2017/dsa- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

CVE-2017-5376 – Mozilla: Use-after-free in XSL (MFSA 2017-02)

https://notcve.org/view.php?id=CVE-2017-5376

Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. Uso de memoria previamente liberada al manipular XSL en documentos XSLT. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 45.7, Firefox ESR en versiones anteriores a la 45.7 y Firefox en versiones anteriores a la 51. • http://rhn.redhat.com/errata/RHSA-2017-0190.html http://rhn.redhat.com/errata/RHSA-2017-0238.html http://www.securityfocus.com/bid/95758 http://www.securitytracker.com/id/1037693 https://bugzilla.mozilla.org/show_bug.cgi?id=1311687 https://security.gentoo.org/glsa/201702-13 https://security.gentoo.org/glsa/201702-22 https://www.debian.org/security/2017/dsa-3771 https://www.debian.org/security/2017/dsa-3832 https://www.mozilla.org/security/advisories/mfsa2017-01 http • CWE-416: Use After Free •