Page 22 of 691 results (0.012 seconds)

CVSS: 9.3EPSS: 2%CPEs: 109EXPL: 0

Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site. El desbordamiento de enteros en la función drawLineLoop en la biblioteca libGLESv2 de Almost Native Graphics Layer Engine (ANGLE), tal como se utiliza en Mozilla Firefox anterior a 24.0 y SeaMonkey anterior a 2.21, permite a atacantes remotos ejecutar código de su elección a través de un sitio web manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html http://www.mozilla.org/security/announce/2013/mfsa2013-78.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 137EXPL: 0

Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning. Vulnerabilidad de uso después de liberación en la función nsAnimationManager::BuildAnimations en el Animation Manager de Mozilla Firefox anterior a la versión 17.0.9, Thunderbird anterior a 24.0, Thunderbird ESR 17.x anterior a 17.0.9, y SeaMonkey anterior a 2.21 permite a atacantes remotos ejecutar código arbitrario o causar una denegación del servicio (corrupción de memoria dinámica) a través de vectores relacionados con la clonación de estilos. • http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html http://lists.opensuse.org/opensuse-updates/2013-09/msg0005 • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 6.8EPSS: 4%CPEs: 119EXPL: 0

The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state. La función nsHtml5TreeBuilder::resetTheInsertionMode en el HTML5 Tree Builder de Mozilla Firefox (anteriores a 24.0), Thunderbird (anteriores a 24.0) y SeaMonkey (anteriores a 2.21) no mantiene apropiadamente el estado de pila del modo de inserción para elementos de plantilla, lo que permite a un atacante remoto ejecutar código arbitrario o causar una denegación de servicio (sobrelectura de buffer en memoria dinámica) desencadenando el uso de esta pila en su estado vacío. • http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00059.html http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 178EXPL: 0

The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors. La implementación Web Workers en Mozilla Firefox anterior a v23.0, Firefox ESR v17.x anterior a v 17.0.8, Thunderbird anterior a v 17.0.8, Thunderbird ESR v17.x anterior a v 17.0.8, y SeaMonkey anterior a v 2.20 no restringe adecuadamente las llamadas XMLHttpRequest, lo que permite a atacantes remotos evitar la Same Origin Policy y realizar ataques de cross-site scripting (XSS) a través de vectores no especificados. • http://www.debian.org/security/2013/dsa-2735 http://www.debian.org/security/2013/dsa-2746 http://www.mozilla.org/security/announce/2013/mfsa2013-73.html http://www.securityfocus.com/bid/61882 https://bugzilla.mozilla.org/show_bug.cgi?id=879787 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18002 https://access.redhat.com/security/cve/CVE-2013-1714 https://bugzilla.redhat.com/show_bug.cgi?id=993604 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 154EXPL: 0

Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function. Mozilla Firefox anterior a v23.0 y SeaMonkey anterior a v2.20 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un archivo WAV manipulado que no es manejado correctamente por la función nsCString::CharAt. • http://www.mozilla.org/security/announce/2013/mfsa2013-67.html https://bugzilla.mozilla.org/show_bug.cgi?id=879924 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18803 •