CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2014-1540 – Ubuntu Security Notice USN-2243-1
https://notcve.org/view.php?id=CVE-2014-1540
11 Jun 2014 — Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. Vulnerabilidad de uso después de liberación en la función nsEventListenerManager::CompileEventHandlerInternal en Event Listener Manager en Mozilla Firefox anterior a 30.0 permite a atacantes remotos ejecutar código arbitrario... • http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 0CVE-2014-1536 – Ubuntu Security Notice USN-2243-1
https://notcve.org/view.php?id=CVE-2014-1536
11 Jun 2014 — The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. La función PropertyProvider::FindJustificationRange en Mozilla Firefox anterior a 30.0 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. Gary Kwong, Christoph Diehl, Christian Holler, Hannes Versch... • http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2014-1542 – Ubuntu Security Notice USN-2243-1
https://notcve.org/view.php?id=CVE-2014-1542
11 Jun 2014 — Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate. Desbordamiento de buffer en Speex Resampler en el subsystema Web Audio en Mozilla Firefox anterior a 30.0 permite a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con una tasa manipulada de cuenta y muestreo de canales AudioBuffer. Gary Kwong, Christoph Die... • http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 1EXPL: 0CVE-2014-1534 – Ubuntu Security Notice USN-2243-1
https://notcve.org/view.php?id=CVE-2014-1534
11 Jun 2014 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox anterior a 30.0 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vect... • http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 8%CPEs: 1EXPL: 0CVE-2014-1537 – Ubuntu Security Notice USN-2243-1
https://notcve.org/view.php?id=CVE-2014-1537
11 Jun 2014 — Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Vulnerabilidad de uso después de liberación en la función mozilla::dom::workers::WorkerPrivateParent en Mozilla Firefox anterior a 30.0 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) a tr... • http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html •
CVSS: 9.1EPSS: 0%CPEs: 11EXPL: 0CVE-2014-1539 – Gentoo Linux Security Advisory 201504-01
https://notcve.org/view.php?id=CVE-2014-1539
11 Jun 2014 — Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image. Mozilla Firefox anterior a 30.0 y Thunderbird hasta 24.6 en OS X no aseguran la visibilidad del cursor después de una interacción con un objeto Flash y un elemento DIV, lo que facilita a atacantes remotos realizar ataques... • http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 28%CPEs: 1EXPL: 0CVE-2014-1543 – Gentoo Linux Security Advisory 201504-01
https://notcve.org/view.php?id=CVE-2014-1543
11 Jun 2014 — Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device. Múltiples desbordamientos de buffer basado en memoria dinámica en la función navigator.getGamepads en la API Gamepad en Mozilla Firefox anterior a 30.0 permiten a atacantes remotos ejecutar código arbitrario mediante el uso de axes no contiguos con un dispos... • http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 8%CPEs: 18EXPL: 0CVE-2014-1541 – Mozilla: Use-after-free with SMIL Animation Controller (MFSA 2014-52)
https://notcve.org/view.php?id=CVE-2014-1541
11 Jun 2014 — Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. Vulnerabilidad de uso después de liberación en la función RefreshDriverTimer::TickDriver en SMIL Animation Controller en Mozilla Firefox anterior a 30.0, Firefox ESR 24.x anterior a 24... • http://linux.oracle.com/errata/ELSA-2014-0741.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 8%CPEs: 18EXPL: 0CVE-2014-1538 – Mozilla: Use-after-free and out of bounds issues found using Address Sanitizer (MFSA 2014-49)
https://notcve.org/view.php?id=CVE-2014-1538
11 Jun 2014 — Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Vulnerabilidad de uso después de liberación en la función nsTextEditRules::CreateMozBR en Mozilla Firefox anterior a 30.0, Firefox ESR 24.x anterior a 24.6 y Thunderbird anterior a 24.6 permite a atacantes remotos ejecu... • http://linux.oracle.com/errata/ELSA-2014-0741.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 10%CPEs: 10EXPL: 0CVE-2014-1533 – Mozilla: Miscellaneous memory safety hazards (rv:24.6) (MFSA 2014-48)
https://notcve.org/view.php?id=CVE-2014-1533
11 Jun 2014 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox anterior a 30.0, Firefox ESR 24.x anterior a 24.6 y Thunderbird anterior a 24.6 permiten a atacantes remotos causar una dene... • http://linux.oracle.com/errata/ELSA-2014-0741.html •