CVSS: 10.0EPSS: 59%CPEs: 163EXPL: 0CVE-2011-0080 – Mozilla memory safety issue (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0080
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Multiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.19 y v3.6.x anterior a v3.6.17, Thunderbird anterior a v.3.1.10 y SeaMonkey anterior a v2.0.14 permite a atacantes remotos generar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird http://downloads.avaya.com/css/P8/documents/100134543 http://downloads.avaya.com/css/P8/documents/100144158 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 http://www.mozilla.org/security/ •
CVSS: 10.0EPSS: 18%CPEs: 176EXPL: 1CVE-2011-0070 – Mozilla double free flaw (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0070
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.19, v3.6.x anterior a v3.6.17, y v4.x anterior a v4.0.1; Thunderbird anterior a v3.1.10; y SeaMonkey anterior a v2.0.14 permite a atacantes remotos generar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos, una vulnerabilidad diferente de CVE-2011-0069. • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird http://downloads.avaya.com/css/P8/documents/100144158 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 http://www.mozilla.org/security/announce/2011/mfsa2011-12.html http://www.securityfocus. •
CVSS: 10.0EPSS: 27%CPEs: 163EXPL: 0CVE-2011-0077 – Mozilla integer overflow in frameset spec (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0077
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.19 y v3.6.x anterior a v3.6.17, Thunderbird anterior a v3.1.10 y SeaMonkey anterior a v2.0.14 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos, una vulnerabilidad diferente de CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, y CVE-2011-0078. • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird http://downloads.avaya.com/css/P8/documents/100134543 http://downloads.avaya.com/css/P8/documents/100144158 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 http://www.mozilla.org/security/ • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 27%CPEs: 163EXPL: 0CVE-2011-0078 – Mozilla OOM condition arbitrary memory write (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0078
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.19 y v3.6.x anterior a v3.6.17, Thunderbird anterior a v3.1.10, y SeaMonkey anterior a v2.0.14 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos, una vulnerabilidad diferente de CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, y CVE-2011 0077. • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird http://downloads.avaya.com/css/P8/documents/100134543 http://downloads.avaya.com/css/P8/documents/100144158 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 http://www.mozilla.org/security/ •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 2CVE-2011-1187
https://notcve.org/view.php?id=CVE-2011-1187
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." Google Chrome en versiones anteriores a la 10.0.648.127 permite a atacantes remotos evitar la política de mismo origen ("Same Origin Policy") a través de vectores sin especificar. Relacionado con un "error message leak". • http://code.google.com/p/chromium/issues/detail?id=69187 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 http://www.mozilla.org/security/announce/2012/mfsa2012-32.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://bugzilla.mozilla.org/show_bug.cgi?id=624621 https://exchange.xforce.ibmcloud.com/v • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •