CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2016-5252 – Mozilla: Stack underflow during 2D graphics rendering (MFSA 2016-67)
https://notcve.org/view.php?id=CVE-2016-5252
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations. Desbordamiento inferior de búfer basado en pila en la función mozilla::gfx::BasePoint4d en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos ejecutar código arbitrario a través de datos manipulados de gráficos en dos dimensiones que es manejado incorrectamente durante los cálculos clipping-región. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-67.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92261 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-5265 – Mozilla: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-80)
https://notcve.org/view.php?id=CVE-2016-5265
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory. Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos asistidos por usuario eludir el Same Origin Policy, y llevar a cabo ataques Universal XSS (UXSS) o leer archivos arbitrarios, disponiendo la presencia de un documento HTML manipulado y un archivo de acceso directo manipulado en el mismo directorio local. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-80.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 1CVE-2016-5258 – Mozilla: Use-after-free in DTLS during WebRTC session shutdown (MFSA 2016-72)
https://notcve.org/view.php?id=CVE-2016-5258
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session. Vulnerabilidad de uso después de liberación de memoria en el hilo de toma WebRTC en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos ejecutar código arbitrario aprovechando operaciones incorrectas gratuitas en objetos DTLS durante la desconexión de una sesión WebRTC. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-72.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2016-5263 – Mozilla: Type confusion in display transformation (MFSA 2016-78)
https://notcve.org/view.php?id=CVE-2016-5263
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion." La función nsDisplayList::HitTest en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 no maneja correctamente transformación de visualización de renderizado, lo que permite a atacantes remotos ejecutar código arbitrario a través de un sitio web manipulado que aprovecha "type confusion." • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-78.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-2830 – Mozilla: Favicon network connection persists when page is closed (MFSA 2016-62)
https://notcve.org/view.php?id=CVE-2016-2830
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses. Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 conserva la conexión de red usada para la recuperación de recursos favicon después de que la ventana del navegador asociado se cierre, lo que facilita a servidores web remotos rastrear usuarios mediante la observación de tráfico de red desde múltiples direcciones IP. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-63.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92261 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •