CVSS: 9.8EPSS: 11%CPEs: 20EXPL: 0CVE-2013-0787 – Mozilla Firefox nsHTMLEditRules Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-0787
11 Mar 2013 — Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call. Vulnerabilidad en la gestión de recursos en la función nsEditor::IsPreformatted en editor/libeditor/base/nsEditor.cpp en Mozilla Firefox anterior a v19.0.... • http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.8EPSS: 4%CPEs: 22EXPL: 0CVE-2013-0783 – Mozilla: Miscellaneous memory safety hazards (rv:17.0.3) (MFSA 2013-21)
https://notcve.org/view.php?id=CVE-2013-0783
19 Feb 2013 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thund... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0CVE-2013-0781 – Gentoo Linux Security Advisory 201309-23
https://notcve.org/view.php?id=CVE-2013-0781
19 Feb 2013 — Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Vulnerabilidad de uso después de liberación en la función nsPrintEngine::CommonPrint en Mozilla Firefox anterior a v19.0, Thunderbird anterior a v17.0.3, y SeaMonkey anterior a v2.16 permite a atacantes remotos ejecutar código... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-416: Use After Free •
CVSS: 8.1EPSS: 1%CPEs: 18EXPL: 0CVE-2013-0772 – Mozilla: Out-of-bounds read in image rendering (MFSA 2013-22)
https://notcve.org/view.php?id=CVE-2013-0772
19 Feb 2013 — The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image. La función RasterImage::DrawFrameTo function en Mozilla Firefox anterior a v19.0, Thunderbird anterior a v17.0.3, y SeaMonkey anterior a v2.16, permite a atacantes remotos obtener información sensible de los procesos... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2013-0765 – Gentoo Linux Security Advisory 201309-23
https://notcve.org/view.php?id=CVE-2013-0765
19 Feb 2013 — Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors. Mozilla Firefox antes de v19.0, Thunderbird antes v17.0.3 y SeaMonkey antes de v2.16 no impiden envoltorios múltiples de objetos WebIDL, que permite ataques remotos que evitan las restricciones de acceso destinados a través de vectores sin especificar. Multiple vulnerabilities have b... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html •
CVSS: 9.8EPSS: 1%CPEs: 22EXPL: 0CVE-2013-0782 – Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)
https://notcve.org/view.php?id=CVE-2013-0782
19 Feb 2013 — Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica en la función nsSaveAsCharset::DoCharsetConversion en Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thunderbird anterior a v17.... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 3CVE-2013-0784 – Gentoo Linux Security Advisory 201309-23
https://notcve.org/view.php?id=CVE-2013-0784
19 Feb 2013 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades sin especificar en el motor de búsqueda de Mozilla Firefox, Thunderbird antes de v19.0 antes de v17.0.3 y SeaMonkey antes de v2.16 que permite ataques remotos que provocan una denegación de s... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html •
CVSS: 9.1EPSS: 0%CPEs: 12EXPL: 1CVE-2013-0774 – Gentoo Linux Security Advisory 201309-23
https://notcve.org/view.php?id=CVE-2013-0774
19 Feb 2013 — Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors. Mozilla Firefox anterior a v19.0, Firefox ESR v17.x anterior a v17.0.3, Thunderbird anterior a v17.0.3, Thunderbird ESR v17.x anterior a v17.0.3, y SeaMonkey anterior a v2.16 no previene la lectura de JavaScript desde el di... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2013-0773 – Debian Security Advisory 2699-1
https://notcve.org/view.php?id=CVE-2013-0773
19 Feb 2013 — The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site. Las implementaciones de Chrome Object Wrapper (COW) y System ... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0CVE-2013-0778 – Gentoo Linux Security Advisory 201309-23
https://notcve.org/view.php?id=CVE-2013-0778
19 Feb 2013 — The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. La función ClusterIterator::NextCluster en Mozilla Firefox anterior a v19.0, Thunderbird anterior a v17.0.3, y SeaMonkey anterior a v2.16 permite a atacantes remotos ejecutar código arbitrio o causar una denegación de servicio (lectura fuera de límites) a trav... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html • CWE-125: Out-of-bounds Read •