Page 136 of 1290 results (0.009 seconds)

CVSS: 4.3EPSS: 1%CPEs: 11EXPL: 0

CVE-2014-1558

https://notcve.org/view.php?id=CVE-2014-1558

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559. Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 permiten a atacantes remotos causar una denegación de servicio (interrupción del análisis sintáctico de certificados X.509) a través de un certificado manipulado que no utilice la codificación de caracteres UTF-8 en un contexto requerido, una vulnerabilidad diferente a CVE-2014-1559. • http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-65.html http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=1015973 https://security.gentoo.org/glsa/201504-01 •

CVSS: 9.3EPSS: 4%CPEs: 11EXPL: 0

CVE-2014-1549

https://notcve.org/view.php?id=CVE-2014-1549

The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering. La función mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer en Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 no asigna debidamente la memoria del buffer Web Audio, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (desbordamiento de buffer y caída de aplicación) a través de contenido de audio manipulado que se maneja indebidamente durante el uso del búfer de reproducción. • http://secunia.com/advisories/59760 http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-57.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/68820 http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=1020205 https://security.gentoo.org/glsa/201504-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 2%CPEs: 11EXPL: 0

CVE-2014-1559

https://notcve.org/view.php?id=CVE-2014-1559

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558. Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 permiten a atacantes remotos causar una denegación de servicio (interrupción del análisis sintáctico de certificados X.509) a través de un certificado manipulado que no utilice la codificación de caracteres UTF-8 en un contexto requerido, una vulnerabilidad diferente a CVE-2014-1558. • http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-65.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=1026022 https://security.gentoo.org/glsa/201504-01 •

CVSS: 4.3EPSS: 1%CPEs: 11EXPL: 0

CVE-2014-1560

https://notcve.org/view.php?id=CVE-2014-1560

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context. Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 permiten a atacantes remotos causar una denegación de servicio (interrupción del análisis sintáctico de certificados X.509) a través de un certificado manipulado que no utilice la codificación de caracteres ASCII en un contexto requerido. • http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-65.html http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi?id=997795 https://security.gentoo.org/glsa/201504-01 •

CVSS: 10.0EPSS: 26%CPEs: 11EXPL: 0

CVE-2014-1548

https://notcve.org/view.php?id=CVE-2014-1548

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox anterior a 31.0 y Thunderbird anterior a 31.0 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://secunia.com/advisories/59719 http://secunia.com/advisories/59760 http://secunia.com/advisories/60083 http://secunia.com/advisories/60621 http://secunia.com/advisories/60628 http://www.mozilla.org/security/announce/2014/mfsa2014-56.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/68818 http://www.securitytracker.com/id/1030619 http://www.securitytracker.com/id/1030620 https://bugzilla.mozilla.org/show_bug.cgi •