CVSS: 9.8EPSS: 2%CPEs: 28EXPL: 1CVE-2013-5616 – Mozilla: Use-after-free in event listeners (MFSA 2013-108)
https://notcve.org/view.php?id=CVE-2013-5616
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. Vulnerabilidad de liberación despues de uso en la función nsEventListenerManager :: HandleEventSubType en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anterior a 24.2, Thunderbird antes de 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio ( corrupción de memoria heap) a través de vectores relacionados con los detectores de eventos mListeners. • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html http://lists.opensuse.org/opensuse-updates/2013 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 3%CPEs: 28EXPL: 1CVE-2013-6671 – Mozilla: Segmentation violation when replacing ordered list elements (MFSA 2013-111)
https://notcve.org/view.php?id=CVE-2013-6671
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. L función nsGfxScrollFrameInner::IsLTR en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x anteriores a 24.2, Thunderbird anteriores a 24.2, y SeaMonkey anteriores a 2.23 permite a atacantes remotos ejecutar código de forma arbitraria a través del uso de código JavaScript manipulado para listas ordenadas de elementos. • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html http://lists.opensuse.org/opensuse-updates/2013 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 2CVE-2013-5613 – Mozilla: Use-after-free in synthetic mouse movement (MFSA 2013-114)
https://notcve.org/view.php?id=CVE-2013-5613
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. Vulnerabilidad de liberación despues de uso en la función PresShell :: DispatchSynthMouseMove en Mozilla Firefox anterior a 26.0, Firefox ESR 24.x antes 24.2, Thunderbird antes de 24.2, y SeaMonkey anterior a 2.23 que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria heap) a través de vectores relacionados con el movimiento del ratón sintética, con la función RestyleManager :: GetHoverGeneration. • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html http://lists.opensuse.org/opensuse-updates/2013 • CWE-416: Use After Free •
CVSS: 5.0EPSS: 59%CPEs: 15EXPL: 0CVE-2013-6712 – php: heap-based buffer over-read in DateInterval
https://notcve.org/view.php?id=CVE-2013-6712
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification. La función de análisis en ext/date/lib/parse_iso_intervals.c de PHP hasta la versión 5.5.6 no restringe adecuadamente la creación de objetos DateInterval, lo que podría permitir a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer basado en memoria dinámica) a través de una especificación de intervalo manipulada. A buffer over-read flaw was found in the way the DateInterval class parsed interval specifications. An attacker able to make a PHP application parse a specially crafted specification using DateInterval could possibly cause the PHP interpreter to crash. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=12fe4e90be7bfa2a763197079f68f5568a14e071 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html http://rhn.redhat.com/errata/RHSA-2014-1765.html http://www.debian.org/security/2013/dsa-2816 http://www.ubuntu.com/usn/USN-2055-1 https://bugs.php.net/bug.php?id=66060 https://h20564&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 95%CPEs: 9EXPL: 2CVE-2013-4547 – Nginx 1.1.17 - URI Processing SecURIty Bypass
https://notcve.org/view.php?id=CVE-2013-4547
nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI. nginx 0.8.41 hasta la versión 1.4.3 y 1.5.x anterior a la versión 1.5.7 permite a atacantes remotos evadir restricciones intencionadas a través de un carácter de espacio sin escape en una URI. • https://www.exploit-db.com/exploits/38846 https://github.com/cyberharsh/Nginx-CVE-2013-4547 http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00007.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00084.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00118.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00119.html http://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html http://secunia.com/advisories/55757 http://secunia.com/advisor • CWE-116: Improper Encoding or Escaping of Output •