Page 148 of 1065 results (0.028 seconds)

CVSS: 6.8EPSS: 1%CPEs: 17EXPL: 0

CVE-2015-4491 – Mozilla: Heap overflow in gdk-pixbuf when scaling bitmap images (MFSA 2015-88)

https://notcve.org/view.php?id=CVE-2015-4491

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. Vulnerabilidad de desbordamiento de entero en la función make_filter_table en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.31.5, tal como es usado en Mozilla Firefox en versiones anteriores a 40.0 y Firefox ESR 38.x en versiones anteriores a 38.2 en Linux, Google Chrome en Linux y otros productos, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y caída de aplicación) a través de dimensiones bitmap manipuladas que no son manejadas correctamente durante el escalado.. An integer overflow, leading to a heap-based buffer overflow, was found in the way gdk-pixbuf, an image loading library for GNOME, scaled certain bitmap format images. An attacker could use a specially crafted BMP image file that, when processed by an application compiled against the gdk-pixbuf library, would cause that application to crash or execute arbitrary code with the permissions of the user running the application. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165703.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165730.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165732.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://lists.opensuse.org/opensuse • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 3%CPEs: 10EXPL: 0

CVE-2015-4480 – Mozilla: Overflow issues in libstagefright (MFSA 2015-83)

https://notcve.org/view.php?id=CVE-2015-4480

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding. Vulnerabilidad de desbordamiento de entero en la función stagefright::SampleTable::isValid de libstagefright en Mozilla Firefox en versiones anteriores a 40.0 y Firefox ESR 38.x en versiones anteriores a 38.2, permite a atacantes remotos ejecutar código arbitrario a través de los datos manipulados de vídeo MPEG-4 con la codificación H.264. • http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html http://rhn.redhat.com/errata/RHSA-2015-1586.html http://www.debian.org/security/2015/dsa-3333 http://www.mozilla.org/security/announce/2015/mfsa2015-83.html http://www.oracle.com/technetwork/topics/security/bull • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •

CVSS: 8.8EPSS: 89%CPEs: 49EXPL: 2

CVE-2015-4495 – Mozilla Firefox Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2015-4495

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. Vulnerabilidad en el lector de PDF en Mozilla Firefox en versiones anteriores a 39.0.3, Firefox ESR 38.x en versiones anteriores a 38.1.1 y Firefox OS en versiones anteriores a 2.2, permite a atacantes remotos eludir la Same Origin Policy y leer archivos arbitrarios u obtener privilegios a través de vectores que implican código JavaScript manipulado y un setter nativo, tal como se explotó activamente en agosto de 2015. A flaw was discovered in Mozilla Firefox that could be used to violate the same-origin policy and inject web script into a non-privileged part of the built-in PDF file viewer (PDF.js). An attacker could create a malicious web page that, when viewed by a victim, could steal arbitrary files (including private SSH keys, the /etc/passwd file, and other potentially sensitive files) from the system running Firefox. Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges. • https://www.exploit-db.com/exploits/37772 https://github.com/vincd/CVE-2015-4495 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://lists.opensuse.org/opensuse-security- •

CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 0

CVE-2015-2730 – NSS: ECDSA signature validation fails to handle some signatures correctly (MFSA 2015-64)

https://notcve.org/view.php?id=CVE-2015-2730

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors. Mozilla Network Security Services (NSS) anterior a 3.19.1, utilizado en Mozilla Firefox anterior a 39.0, Firefox ESR 31.x anterior a 31.8 y 38.x anterior a 38.1, y otros productos, no realiza correctamente las multiplicaciones Elliptical Curve Cryptography (ECC), lo que facilita a atacantes remotos falsificar firmas ECDSA a través de vectores no especificados. A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://rhn.redhat.com/errata/RHSA-2015-1664.html http://rhn.redhat.com/errata/RHSA-2015-1699.html http://www.debian.org&#x • CWE-310: Cryptographic Issues CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 5.1EPSS: 0%CPEs: 30EXPL: 1

CVE-2015-2721 – NSS: incorrectly permited skipping of ServerKeyExchange (MFSA 2015-71)

https://notcve.org/view.php?id=CVE-2015-2721

Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue. Mozilla Network Security Services (NSS) anterior a 3.19, utilizado en Mozilla Firefox anterior a 39.0, Firefox ESR 31.x anterior a 31.8 y 38.x anterior a 38.1, Thunderbird anterior a 38.1, y otros productos, no determina correctamente las transiciones de estado para la máquina de estados TLS, lo que permite a atacantes man-in-the-middle derrotar los mecanismos de protección criptográfica mediante el bloqueo de mensajes, tal y como fue demostrado mediante la eliminación de una propiedad de confidencialidad adelantada mediante el bloqueo de un mensaje ServerKeyExchange, también conocido como un problema de 'SMACK SKIP-TLS' . It was found that NSS permitted skipping of the ServerKeyExchange packet during a handshake involving ECDHE (Elliptic Curve Diffie-Hellman key Exchange). A remote attacker could use this flaw to bypass the forward-secrecy of a TLS/SSL connection. • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://rhn.redhat.com/errata/RHSA-2015-1185.html http://rhn.redhat.com/errata/RHSA-2015-1664.html http://www.debian.org&#x • CWE-310: Cryptographic Issues CWE-358: Improperly Implemented Security Check for Standard •