Page 152 of 1170 results (0.010 seconds)

CVSS: 9.3EPSS: 1%CPEs: 12EXPL: 0

CVE-2012-3989

https://notcve.org/view.php?id=CVE-2012-3989

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code or cause a denial of service (assertion failure) via a crafted web site. Mozilla Firefox v16.0, Thunderbird antes de v16.0, Thunderbird ESR v10.x antes de v10.0.8, y SeaMonkey antes de v2.13, no realiza una conversión de una variable no especificada durante el uso del operador instanceof en un objeto de JavaScript, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (error de aserción) a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://osvdb.org/86097 http://secunia.com/advisories/50856 http://secunia.com/advisories/50892 http://secunia.com/advisories/50904 http://secunia.com/advisories/50935 http://secunia.com/advisories/50984 http://www.mozilla.org/security/announce/2012/mfsa2012-80.html http://www.ubuntu.com/usn/USN-1611-1 https://bugzilla.mozilla.org/show_bug.cgi?id=783867 https://oval.cisecurity.org/repository/search • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 3%CPEs: 23EXPL: 0

CVE-2012-3990 – Mozilla: Use-after-free in the IME State Manager (MFSA 2012-87)

https://notcve.org/view.php?id=CVE-2012-3990

Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function. Vulnerabilidad de uso después de liberación en Mozilla Firefox v16.0, Firefox ESR v10.x antes de v10.0.8, Thunderbird antes de v16.0, Thunderbird ESR v10.x antes de v10.0.8, y SeaMonkey antes de v2.13, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados, relacionado con la función nsIContent::GetNameSpaceID. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://rhn.redhat.com/errata/RHSA-2012-1351.html http://secunia.com/advisories/50856 http://secunia.com/advisories/50892 http://secunia.com/advisories/50904 http://secunia.com/advisories/50935 http://secunia.com/advisories/50936 http://secunia.com/advisories/50984 http://secunia.com/advisories/51181 http://secunia.com/advisories/55318 http://www.debian.org/security/2012/dsa-2565 http://www.debian&# • CWE-416: Use After Free •

CVSS: 9.3EPSS: 71%CPEs: 23EXPL: 0

CVE-2012-4188 – Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86)

https://notcve.org/view.php?id=CVE-2012-4188

Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica en la función Convolve3x3 en Mozilla Firefox v16.0, Firefox ESR v10.x antes de v10.0.8, Thunderbird antes de v16.0, Thunderbird ESR v10.x antes de v10.0.8, y SeaMonkey antes de v2.13, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://osvdb.org/86096 http://rhn.redhat.com/errata/RHSA-2012-1351.html http://secunia.com/advisories/50856 http://secunia.com/advisories/50892 http://secunia.com/advisories/50904 http://secunia.com/advisories/50935 http://secunia.com/advisories/50936 http://secunia.com/advisories/50984 http://secunia.com/advisories/51181 http://secunia.com/advisories/55318 http://www.debian.org/security/2012/dsa& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 5%CPEs: 12EXPL: 0

CVE-2012-3983

https://notcve.org/view.php?id=CVE-2012-3983

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox antes de v16.0, Thunderbird antes 16.0 y SeaMonkey antes de v2.13, permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://secunia.com/advisories/50856 http://secunia.com/advisories/50892 http://secunia.com/advisories/50904 http://secunia.com/advisories/50935 http://secunia.com/advisories/50984 http://secunia.com/advisories/55318 http://www.mozilla.org/security/announce/2012/mfsa2012-74.html http://www.ubuntu.com/usn/USN-1611-1 https://bugzilla.mozilla.org/show_bug.cgi?id=634444 https://bugzilla.mozilla.org/show • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 1%CPEs: 12EXPL: 0

CVE-2012-3984

https://notcve.org/view.php?id=CVE-2012-3984

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling. Mozilla Firefox v16.0, Thunderbird antes de v16.0, y SeaMonkey antes de v2.13, no controla correctamente la navegación más allá de una página web que tiene activo un elemento de menú SELECT, lo que permite a atacantes remotos falsificar contenido de la página a través de vectores relacionados con el posicionamiento absoluto y el desplazamiento. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://secunia.com/advisories/50856 http://secunia.com/advisories/50892 http://secunia.com/advisories/50904 http://secunia.com/advisories/50935 http://secunia.com/advisories/50984 http://www.mozilla.org/security/announce/2012/mfsa2012-75.html http://www.ubuntu.com/usn/USN-1611-1 https://bugzilla.mozilla.org/show_bug.cgi?id=575294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova •