CVE-2016-5292
https://notcve.org/view.php?id=CVE-2016-5292
During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox < 50. Durante el análisis de URL, una URL maliciosamente manipulada podría provocar un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Firefox en versiones anteriores a la 50. • http://www.securityfocus.com/bid/94337 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1288482 https://www.mozilla.org/security/advisories/mfsa2016-89 • CWE-20: Improper Input Validation •
CVE-2016-9067
https://notcve.org/view.php?id=CVE-2016-9067
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50. Dos errores de uso de memoria previamente liberada durante operaciones DOM resultan en cierres inesperados potencialmente explotables. La vulnerabilidad afecta a Firefox en versiones anteriores a la 50. • http://www.securityfocus.com/bid/94337 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1301777 https://bugzilla.mozilla.org/show_bug.cgi?id=1308922 https://www.mozilla.org/security/advisories/mfsa2016-89 • CWE-416: Use After Free •
CVE-2016-9068
https://notcve.org/view.php?id=CVE-2016-9068
A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50. Un uso de memoria previamente liberada durante las animaciones web al trabajar con timelines resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Firefox en versiones anteriores a la 50. • http://www.securityfocus.com/bid/94337 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1302973 https://www.mozilla.org/security/advisories/mfsa2016-89 • CWE-416: Use After Free •
CVE-2016-9076
https://notcve.org/view.php?id=CVE-2016-9076
An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50. Un problema por el cual un menú desplegable "" puede emplearse para cubrir el contenido de la barra de direcciones, lo que resulta en potenciales ataques de suplantación. Este ataque requiere que los e10s estén habilitados para tener éxito. • http://www.securityfocus.com/bid/94337 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1276976 https://www.mozilla.org/security/advisories/mfsa2016-89 • CWE-20: Improper Input Validation •
CVE-2016-9073
https://notcve.org/view.php?id=CVE-2016-9073
WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox < 50. WebExtensions puede omitir las comprobaciones de seguridad para cargar URL privilegiadas y escapar del sandbox de WebExtension. La vulnerabilidad afecta a Firefox en versiones anteriores a la 50. • http://www.securityfocus.com/bid/94337 http://www.securitytracker.com/id/1037298 https://bugzilla.mozilla.org/show_bug.cgi?id=1289273 https://www.mozilla.org/security/advisories/mfsa2016-89 • CWE-264: Permissions, Privileges, and Access Controls •