Page 233 of 2506 results (0.011 seconds)

CVSS: 8.8EPSS: 16%CPEs: 17EXPL: 0

CVE-2016-2814 – Mozilla: Buffer overflow in libstagefright with CENC offsets (MFSA 2016-44)

https://notcve.org/view.php?id=CVE-2016-2814

Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table. Desbordamiento de buffer basado en memoria dinámica en la función stagefright::SampleTable::parseSampleCencInfo en libstagefright en Mozilla Firefox en versiones anteriores a 46.0, Firefox ESR 38.x en versiones anteriores a 38.8 y Firefox ESR 45.x en versiones anteriores a 45.1 permite a atacantes remotos ejecutar código arbitrario a través de desplazamientos CENC manipulados que conducen a administración incorrecta de la tabla de tamaños • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html http://rhn.redhat.com/errata/RHSA-2016-0695.html http://www.debian.org/security/2016/dsa-3559 http://www.mozilla.org/security/ann • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 21EXPL: 0

CVE-2016-2807 – Mozilla: Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8) (MFSA 2016-39)

https://notcve.org/view.php?id=CVE-2016-2807

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox en versiones anteriores a 46.0, Firefox ESR 38.x en versiones anteriores a 38.8 y Firefox ESR 45.x en versiones anteriores a 45.1 permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-07 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0

CVE-2016-2806 – Mozilla: Miscellaneous memory safety hazards (rv:46.0 / rv:45.1) (MFSA 2016-39)

https://notcve.org/view.php?id=CVE-2016-2806

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox en versiones anteriores a 46.0 y Firefox ESR 45.x en versiones anteriores a 45.1 permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html http://rhn.redhat.com/errata/RHSA-2016-0695.html http://www.debian.org/security/2016/dsa-3601 http://www.mozilla.org/security/ann • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0

CVE-2016-1970

https://notcve.org/view.php?id=CVE-2016-1970

Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Desbordamiento inferior de entero en la función srtp_unprotect en la implementación de WebRTC en Mozilla Firefox en versiones anteriores a 45.0 en Windows podría permitir a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://www.mozilla.org/security/announce/2016/mfsa2016-32.html http://www.securityfocus.com/bid/84220 http://www.securitytracker.com/id/1035215 https://bugzilla.mozilla.org/show_bug.cgi?id=1216837 https://security.gentoo.org/glsa/201605-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0

CVE-2016-1971

https://notcve.org/view.php?id=CVE-2016-1971

The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. la función I420VideoFrame::CreateFrame en la implementación de WebRTC en Mozilla Firefox en versiones anteriores a 45.0 en Windows omite una comprobación de estado no especificada, lo que podría permitir a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://www.mozilla.org/security/announce/2016/mfsa2016-32.html http://www.securityfocus.com/bid/84220 http://www.securitytracker.com/id/1035215 https://bugzilla.mozilla.org/show_bug.cgi?id=1217663 https://security.gentoo.org/glsa/201605-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •