Page 207 of 1960 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack. This vulnerability affects Firefox < 52 and Thunderbird < 52. Si un sitio web malicioso desencadena repetidamente un mensaje de autenticación modal, la interfaz de usuario del navegador dejará de responder y será necesario cerrarlo a través del sistema operativo. Esto es un ataque de denegación de servicio (DoS). • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1312243 https://www.mozilla.org/security/advisories/mfsa2017-05 https://www.mozilla.org/security/advisories/mfsa2017-09 •

CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0

Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. Se han reportado errores de seguridad de memoria en Thunderbird 45.7. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96651 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox < 52. Una URL "javascript:" cargada por una página maliciosa puede ofuscar su ubicación dejando en blanco la URL mostrada en la barra de direcciones, lo que permite que un atacante suplante una página existente sin que la dirección maliciosa de la página se muestre correctamente. La vulnerabilidad afecta a Firefox en versiones anteriores a la 52. • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1284395 https://www.mozilla.org/security/advisories/mfsa2017-05 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox < 52. Un archivo chrome.manifest inexistente intentará cargarse durante el arranque desde el directorio de instalación primario. • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1295542 https://www.mozilla.org/security/advisories/mfsa2017-05 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1

An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52. Ocurre un error de lectura fuera de límites al analizar algunas respuestas HTTP de autorización digest, lo que resulta en una fuga de información mediante la lectura de memoria aleatoria que contiene coincidencias a patrones establecidos específicamente. La vulnerabilidad afecta a Firefox en versiones anteriores a la 52 y Thunderbird en versiones anteriores a la 52. • http://www.securityfocus.com/bid/96692 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1338876 https://www.mozilla.org/security/advisories/mfsa2017-05 https://www.mozilla.org/security/advisories/mfsa2017-09 • CWE-125: Out-of-bounds Read •