CVSS: 6.8EPSS: 2%CPEs: 15EXPL: 0CVE-2015-7222 – Mozilla: Integer underflow and buffer overflow processing MP4 metadata in libstagefright (MFSA 2015-147)
https://notcve.org/view.php?id=CVE-2015-7222
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow. Desbordamiento inferior de entero en la función Metadata::setData en MetaData.cpp en libstagefright en Mozilla Firefox en versiones anteriores a 43.0 y Firefox ESR 38.x en versiones anteriores a 38.5 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (asignación de memoria incorrecta y caída de aplicación) a través de un archivo de vídeo MP4 con metadatos covr manipulados que desencadena un desbordamiento de buffer. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00038.html http://lists.opensuse.org/opensuse-security-announce& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 4%CPEs: 15EXPL: 0CVE-2015-7212 – Mozilla: Integer overflow allocating extremely large textures (MFSA 2015-139)
https://notcve.org/view.php?id=CVE-2015-7212
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation. Desbordamiento de entero en la función mozilla::layers::BufferTextureClient::AllocateForSurface en Mozilla Firefox en versiones anteriores a 43.0 y Firefox ESR 38.x en versiones anteriores a 38.5 permite a atacantes remotos ejecutar código arbitrario desencadenando una operación de gráficos que requiere una gran asignación de textura. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00038.html http://lists.opensuse.org/opensuse-security-announce& • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 0CVE-2015-7210 – Mozilla: Use-after-free in WebRTC when datachannel is used after being destroyed (MFSA 2015-138)
https://notcve.org/view.php?id=CVE-2015-7210
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function. Vulnerabilidad de uso después de liberación de memoria en Mozilla Firefox en versiones anteriores a 43.0 y Firefox ESR 38.x en versiones anteriores a 38.5 permite a atacantes remotos ejecutar código arbitrario desencadenando el intento de uso de un canal de datos que ha sido cerrado mediante una función WebRTC. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00038.html http://lists.opensuse.org/opensuse-security-announce& • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2015-7200 – Mozilla: Vulnerabilities found through code inspection (MFSA 2015-131)
https://notcve.org/view.php?id=CVE-2015-7200
The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key. La implementación de la interfaz CryptoKey en Mozilla Firefox en versiones anteriores a 42.0 y Firefox ESR 38.x en versiones anteriores a 38.4 carece de comprobación de estado, lo que permite a atacantes tener un impacto no especificado a través de vectores relacionados con una clave criptográfica. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html http • CWE-17: DEPRECATED: Code •
CVSS: 7.5EPSS: 6%CPEs: 9EXPL: 0CVE-2015-7199 – Mozilla: Vulnerabilities found through code inspection (MFSA 2015-131)
https://notcve.org/view.php?id=CVE-2015-7199
The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document. Las funciones (1) AddWeightedPathSegLists y (2) SVGPathSegListSMILType::Interpolate en Mozilla Firefox en versiones anteriores a 42.0 y Firefox ESR 38.x en versiones anteriores a 38.4 carecen de comprobación de estado, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de un documento SVG manipulado. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •