CVE-2016-9904 – Mozilla: Cross-origin information leak in shared atoms (MFSA 2016-94, MFSA 2016-95)
https://notcve.org/view.php?id=CVE-2016-9904
An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. Un atacante podría utilizar un ataque de sincronización por JavaScript Map/Set para determinar si un atom está siendo empleado por otro compartimento/zona en determinados contextos. Esto podría emplearse para filtrar información, como nombres de usuario embebidos en código JavaScript, en sitios web. • http://rhn.redhat.com/errata/RHSA-2016-2946.html http://www.securityfocus.com/bid/94885 http://www.securitytracker.com/id/1037461 https://bugzilla.mozilla.org/show_bug.cgi?id=1317936 https://security.gentoo.org/glsa/201701-15 https://www.debian.org/security/2017/dsa-3757 https://www.mozilla.org/security/advisories/mfsa2016-94 https://www.mozilla.org/security/advisories/mfsa2016-95 https://www.mozilla.org/security/advisories/mfsa2016-96 https://access.redhat.com/security/cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-9079 – Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2016-9079
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1. Se ha descubierto una vulnerabilidad de uso de memoria previamente liberada en SVG Animation. Se ha descubierto un exploit construido sobre esta vulnerabilidad "in the wild" que apunta a usuarios de Firefox y Tor Browser en Windows. • https://www.exploit-db.com/exploits/42327 https://www.exploit-db.com/exploits/41151 https://github.com/dangokyo/CVE-2016-9079 https://github.com/LakshmiDesai/CVE-2016-9079 https://github.com/Tau-hub/Firefox-CVE-2016-9079 http://rhn.redhat.com/errata/RHSA-2016-2843.html http://rhn.redhat.com/errata/RHSA-2016-2850.html http://www.securityfocus.com/bid/94591 http://www.securitytracker.com/id/1037370 https://bugzilla.mozilla.org/show_bug.cgi?id=1321066 https://se • CWE-416: Use After Free •
CVE-2016-9074
https://notcve.org/view.php?id=CVE-2016-9074
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. Una mitigación existente de los ataques de sincronización por canal lateral es insuficiente en determinadas circunstancias. Este problema se aborda en Network Security Services (NSS) 3.26.1. • http://www.securityfocus.com/bid/94341 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1293334 https://security.gentoo.org/glsa/201701-15 https://security.gentoo.org/glsa/201701-46 https://www.debian.org/security/2016/dsa-3730 https://www.mozilla.org/security/advisories/mfsa2016-89 https://www.mozilla.org/security/advisories/mfsa2016-90 https://www.mozilla.org/security/advisories/mfsa2016-93 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-5297 – Mozilla: Incorrect argument length checking in Javascript (MFSA 2016-89, MFSA 2016-90)
https://notcve.org/view.php?id=CVE-2016-5297
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. Un error en la comprobación de lógica de argumentos en JavaScript conduce a potenciales desbordamientos de enteros u otros problemas de comprobación de límites. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 45.5, Firefox ESR en versiones anteriores a la 45.5 y Firefox en versiones anteriores a la 50. • http://rhn.redhat.com/errata/RHSA-2016-2780.html http://www.securityfocus.com/bid/94336 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1303678 https://security.gentoo.org/glsa/201701-15 https://www.debian.org/security/2016/dsa-3730 https://www.mozilla.org/security/advisories/mfsa2016-89 https://www.mozilla.org/security/advisories/mfsa2016-90 https://www.mozilla.org/security/advisories/mfsa2016-93 https://access.redhat.com/security/cve • CWE-190: Integer Overflow or Wraparound •
CVE-2016-5296 – Mozilla: Heap-buffer-overflow WRITE in rasterize_edges_1 (MFSA 2016-89, MFSA 2016-90)
https://notcve.org/view.php?id=CVE-2016-5296
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. Un desbordamiento de búfer basado en memoria dinámica (heap) en Cairo al procesar contenido SVG generado por la optimización del compilador resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 45.5, Firefox ESR en versiones anteriores a la 45.5 y Firefox en versiones anteriores a la 50. • http://rhn.redhat.com/errata/RHSA-2016-2780.html http://www.securityfocus.com/bid/94339 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1292443 https://security.gentoo.org/glsa/201701-15 https://www.debian.org/security/2016/dsa-3730 https://www.mozilla.org/security/advisories/mfsa2016-89 https://www.mozilla.org/security/advisories/mfsa2016-90 https://www.mozilla.org/security/advisories/mfsa2016-93 https://access.redhat.com/security/cve • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •