Page 142 of 1061 results (0.013 seconds)

CVSS: 6.8EPSS: 9%CPEs: 8EXPL: 0

Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file. Desbordamiento del buffer en la función vp9_init_context_buffers en libvpx, tal como se utiliza en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, permite a atacantes remotos ejecutar código arbitrario a través de un archivo VP9 manipulado. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0

The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow." Vulnerabilidad en la función XULContentSinkImpl::AddText en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, relacionada con un 'desbordamiento'. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •

CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0

The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en la función InitTextures en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •

CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0

The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow." Vulnerabilidad en la función nsAttrAndChildArray::GrowBy en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, relacionada con un 'desbordamiento'. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •

CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0

The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en la función AnimationThread en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, utiliza un argumento incorrecto en la función sscanf, lo que podría permitir a atacantes remotos provocar una denegación de servicio (desbordamiento del buffer basado en pila y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •