Page 206 of 1936 results (0.025 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

CVE-2017-5416

https://notcve.org/view.php?id=CVE-2017-5416

In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox < 52 and Thunderbird < 52. En determinadas circunstancias, un escuchador de eventos de red puede liberarse prematuramente. Esto parece resultar en la práctica en una desreferencia NULL. • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1328121 https://www.mozilla.org/security/advisories/mfsa2017-05 https://www.mozilla.org/security/advisories/mfsa2017-09 • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-5412

https://notcve.org/view.php?id=CVE-2017-5412

A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52. Lectura por desbordamiento de búfer durante las operaciones de valor de color de filtrado SVG, lo que resulta en una exposición de datos. La vulnerabilidad afecta a Firefox en versiones anteriores a la 52 y Thunderbird en versiones anteriores a la 52. • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1328323 https://www.mozilla.org/security/advisories/mfsa2017-05 https://www.mozilla.org/security/advisories/mfsa2017-09 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-5417

https://notcve.org/view.php?id=CVE-2017-5417

When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52. Al arrastrar contenido del panel del navegador primario a la barra de direcciones de un sitio web malicioso, es posible cambiar la barra de direcciones para que la localización después de la navegación no coincida con la URL de la nueva página cargada. Esto permite ataques de suplantación. • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=791597 https://www.mozilla.org/security/advisories/mfsa2017-05 • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

CVE-2017-5402 – Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)

https://notcve.org/view.php?id=CVE-2017-5402

A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. Puede ocurrir un uso de memoria previamente liberada cuando se lanzan eventos para un objeto "FontFace" una vez el objeto ha sido ya destruido mientras se trabaja con fuentes. Esto resulta en un cierre inesperado potencialmente explotable. • http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96664 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1334876 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org/security/2017/dsa-3805 https://www.debian.org/security/2017/dsa-3832 https • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

CVE-2017-5406

https://notcve.org/view.php?id=CVE-2017-5406

A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52. Puede ocurrir un fallo de segmentación en la biblioteca de gráficos Skia durante algunas operaciones canvas debido a problemas con la intersección de máscaras/clips y las máscaras vacías. La vulnerabilidad afecta a Firefox en versiones anteriores a la 52 y Thunderbird en versiones anteriores a la 52. • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1306890 https://www.mozilla.org/security/advisories/mfsa2017-05 https://www.mozilla.org/security/advisories/mfsa2017-09 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •