Page 208 of 2025 results (0.013 seconds)

CVSS: 5.6EPSS: 0%CPEs: 22EXPL: 1

CVE-2017-5405 – Mozilla: FTP response codes can cause use of uninitialized values for ports (MFSA 2017-06)

https://notcve.org/view.php?id=CVE-2017-5405

Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. Ciertos códigos de respuesta en las conexiones FTP pueden resultar en el uso de valores no inicializados para los puertos en las operaciones FTP. La vulnerabilidad afecta a Firefox en versiones anteriores a la 52, Firefox ESR en versiones anteriores a la 45.8, Thunderbird en versiones anteriores a la 52 y Thunderbird en versiones anteriores a la 45.8. • http://rhn.redhat.com/errata/RHSA-2017-0459.html http://rhn.redhat.com/errata/RHSA-2017-0461.html http://rhn.redhat.com/errata/RHSA-2017-0498.html http://www.securityfocus.com/bid/96693 http://www.securitytracker.com/id/1037966 https://bugzilla.mozilla.org/show_bug.cgi?id=1336699 https://security.gentoo.org/glsa/201705-06 https://security.gentoo.org/glsa/201705-07 https://www.debian.org/security/2017/dsa-3805 https://www.debian.org/security/2017/dsa-3832 https • CWE-1187: DEPRECATED: Use of Uninitialized Resource •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2017-5385

https://notcve.org/view.php?id=CVE-2017-5385

Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51. Los datos enviados en canales multiparte, como el tipo MIME multipart/x-mixed-replace, ignorarán la cabecera de respuesta Referrer-Policy, lo que conduce a una potencial divulgación de información en los sitios que emplean esta cabecera. La vulnerabilidad afecta a Firefox en versiones anteriores a la 51. • http://www.securityfocus.com/bid/95763 http://www.securitytracker.com/id/1037693 https://bugzilla.mozilla.org/show_bug.cgi?id=1295945 https://www.mozilla.org/security/advisories/mfsa2017-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2017-5374

https://notcve.org/view.php?id=CVE-2017-5374

Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51. Se han reportado errores de seguridad de memoria en Firefox 50,1. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://www.securityfocus.com/bid/95759 http://www.securitytracker.com/id/1037693 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1325344%2C1317501%2C1311319%2C1329989%2C1300145%2C1322305%2C1288561%2C1295747%2C1318766%2C1297808%2C1321374%2C1324810%2C1313385%2C1319888%2C1302231%2C1307458%2C1293327%2C1315447%2C1319456 https://www.mozilla.org/security/advisories/mfsa2017-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-5377

https://notcve.org/view.php?id=CVE-2017-5377

A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51. Puede ocurrir una vulnerabilidad de corrupción de memoria en Skia al emplear transforms para realizar gradientes, lo que resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Firefox en versiones anteriores a la 51. • http://www.securityfocus.com/bid/95761 http://www.securitytracker.com/id/1037693 https://bugzilla.mozilla.org/show_bug.cgi?id=1306883 https://www.mozilla.org/security/advisories/mfsa2017-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-5393

https://notcve.org/view.php?id=CVE-2017-5393

The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox < 51. "mozAddonManager" permite la instalación de extensiones del CDN para addons.mozilla.org, un sitio accesible de forma pública. Esto podría permitir que extensiones maliciosas instalen extensiones adicionales del CDN en combinación con un ataque de Cross-Site Scripting (XSS) en sitios Mozilla AMO. • http://www.securityfocus.com/bid/95763 http://www.securitytracker.com/id/1037693 https://bugzilla.mozilla.org/show_bug.cgi?id=1309282 https://www.mozilla.org/security/advisories/mfsa2017-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •