Page 130 of 702 results (0.008 seconds)

CVSS: 5.8EPSS: 0%CPEs: 332EXPL: 0

Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document. Mozilla Firefox anterior a 18.0 en Android y SeaMonkey anterior a 2.15 no restringen los eventos de "tap" (tocar la pantalla) a un único elemento IFRAME, lo que permite a atacantes remotos obtener información sensible o posiblemente llevar a cabo ataques XSS a través de un documento HTML. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://www.mozilla.org/security/announce/2013/mfsa2013-06.html https://bugzilla.mozilla.org/show_bug.cgi?id=790454 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16616 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 165EXPL: 0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. Desbordamiento de búfer en Adobe Flash Player anteriores a v10.3.183.29 y 11.x anteriores a v11.4.402.287 on Windows and Mac OS X, anteriores a v10.3.183.29 y v11.x anteriores a v11.2.202.243 en Linux, anteriores a v11.1.111.19 en Android v2.x y v3.x, y anteriores a v11.1.115.20 en Android v4.x; Adobe AIR anteriores a v3.4.0.2710; y Adobe AIR SDK anteriores a v3.4.0.2710 permite a atacantes ejecutar código a través de vectores no especificados, es una vulnerabilidad distinta a otros listados en APSB12-22. • http://osvdb.org/86875 http://www.adobe.com/support/security/bulletins/apsb12-22.html http://www.securityfocus.com/bid/56375 https://exchange.xforce.ibmcloud.com/vulnerabilities/79771 https://access.redhat.com/security/cve/CVE-2012-5286 https://bugzilla.redhat.com/show_bug.cgi?id=864284 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 165EXPL: 0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. Desbordamiento de búfer en Adobe Flash Player anteriores a v10.3.183.29 y 11.x anteriores a v11.4.402.287 on Windows and Mac OS X, anteriores a v10.3.183.29 y v11.x anteriores a v11.2.202.243 en Linux, anteriores a v11.1.111.19 en Android v2.x y v3.x, y anteriores a v11.1.115.20 en Android v4.x; Adobe AIR anteriores a v3.4.0.2710; y Adobe AIR SDK anteriores a v3.4.0.2710 permite a atacantes ejecutar código a través de vectores no especificados, es una vulnerabilidad distinta a otros listados en APSB12-22. • http://osvdb.org/86876 http://www.adobe.com/support/security/bulletins/apsb12-22.html http://www.securityfocus.com/bid/56376 https://exchange.xforce.ibmcloud.com/vulnerabilities/79772 https://access.redhat.com/security/cve/CVE-2012-5287 https://bugzilla.redhat.com/show_bug.cgi?id=864284 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.0EPSS: 0%CPEs: 167EXPL: 0

Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. Mozilla Firefox antes de v16.0 en Android asigna privilegios chrome a páginas Reader Mode, lo que permite a atacantes remotos asistidos por el usuario eludir restricciones de acceso destinados a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://osvdb.org/86107 http://secunia.com/advisories/50856 http://www.mozilla.org/security/announce/2012/mfsa2012-78.html https://bugzilla.mozilla.org/show_bug.cgi?id=778582 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 13%CPEs: 161EXPL: 0

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. Adobe Flash Player antes de v10.3.183.29 y 11.x antes de v11.4.402.287 en Windows and Mac OS X, antes de v10.3.183.29 and 11.x antes de v11.2.202.243 en Linux, antes de v11.1.111.19 en Android 2.x y 3.x, and antes de v11.1.115.20 en Android 4.x; Adobe AIR antes de v3.4.0.2710; y Adobe AIR SDK antes de v3.4.0.2710, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a otros CVE diferentes a corrupción de memoria en Flash Player diferente listada como APSB12-22. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html http://osvdb.org/86045 http://www.adobe.com/support/security/bulletins/apsb12-22.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79089 https://access.redhat.com/security/cve/CVE-2012-5268 https://bugzilla.redhat.com/show_bug.cgi?id=864284 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •