CVSS: 6.5EPSS: 2%CPEs: 7EXPL: 0CVE-2016-2839
https://notcve.org/view.php?id=CVE-2016-2839
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video. Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 en Linux hace llamadas cairo _cairo_surface_get_extents que no interactúan adecuadamente con asignación de cabecera libav en FFmpeg 0.10, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un vídeo manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://www.mozilla.org/security/announce/2016/mfsa2016-65.html http://www.securityfocus.com/bid/92261 http://www.securitytracker.com/id/1036508 http://www.ubuntu.com/usn/USN-3044-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1275339 https://security.gentoo.org/glsa/201701-15 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 2%CPEs: 5EXPL: 0CVE-2016-2836 – Mozilla: Miscellaneous memory safety hazards (rv:45.3) (MFSA 2016-62)
https://notcve.org/view.php?id=CVE-2016-2836
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores relacionados con Http2Session::Shutdown y SpdySession31::Shutdown y otros vectores. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://rhn.redhat.com/errata/RHSA-2016-1809.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-62.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92261 http://w • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 1CVE-2016-5259 – Mozilla: Use-after-free in service workers with nested sync events (MFSA 2016-73)
https://notcve.org/view.php?id=CVE-2016-5259
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop. Vulnerabilidad de uso después de liberación de memoria en la función CanonicalizeXPCOMParticipant en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos ejecutar código arbitrario a través de una secuencia de comandos que cierra su propio Service Worker dentro de un bloque de eventos sync anidados. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-73.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2016-5262 – Mozilla: Scripts on marquee tag can execute in sandboxed iframes (MFSA 2016-76)
https://notcve.org/view.php?id=CVE-2016-5262
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 procesa atributos de controladores de eventos JavaScript de un elemento MARQUEE dentro de un elemento IFRAME aislado que carece de valor de atributo sandbox="allow-scripts", lo que facilita a atacantes remotos llevar a cabo ataques XSS a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-76.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 1CVE-2016-5264 – Mozilla: Use-after-free when applying SVG effects (MFSA 2016-79)
https://notcve.org/view.php?id=CVE-2016-5264
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application. Vulnerabilidad de uso después de liberación de memoria en la función nsNodeUtils::NativeAnonymousChildListChange en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria dinámica) a través de un elemento SVG que no se maneja correctamente durante el efecto de la aplicación. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-79.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-416: Use After Free •