CVE-2016-1979 – nss: Use-after-free during processing of DER encoded keys in NSS (MFSA 2016-36)
https://notcve.org/view.php?id=CVE-2016-1979
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding. Vulnerabilidad de uso después de liberación de memoria en la función PK11_ImportDERPrivateKeyInfoAndReturnKey en Mozilla Network Security Services (NSS) en versiones anteriores a 3.21.1, como se utiliza en Mozilla Firefox en versiones anteriores a 45.0, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de datos de clave manipulados con codificado DER. A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html http://rhn.redhat.com/errata/RHSA-2016-0591.html http: •
CVE-2016-1956
https://notcve.org/view.php?id=CVE-2016-1956
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. Mozilla Firefox en versiones anteriores a 45.0 en Linux, cuando se utiliza un controlador de video Intel, permite a atacantes remotos causar una denegación de servicio (consumo de la memoria o corrupción de la memoria de pila) desencadenando el uso de un sombreador WebGL." • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html http://www.mozilla.org/security/announce/2016/mfsa2016-19.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com • CWE-399: Resource Management Errors •
CVE-2016-1955
https://notcve.org/view.php?id=CVE-2016-1955
Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. Mozilla Firefoz en versiones anteriores a 45.0 permite a atacantes remotos eludir la Same Origin Policy y obtener información sensible leyendo un informe de violación de Content Security Policy (CSP) que contiene información de ruta asociada con un elemento IFRAME. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html http://www.mozilla.org/security/announce/2016/mfsa2016-18.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-1963
https://notcve.org/view.php?id=CVE-2016-1963
The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation. La clase FileReader en Mozilla Firefox en versiones anteriores a 45.0 permite a usuarios locales obtener privilegios o causar una denegación de servicio (corrupción de memoria) a través del cambio de archivo durante una operación de lectura de la API FileReader. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://www.mozilla.org/security/announce/2016/mfsa2016-26.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com/usn/USN-2917-1 http://www.ubuntu.com/usn/USN-2917-2 http://www.ubuntu.com/usn/USN-2917-3 https://bugzilla.mozilla.org/show_bug.cgi?id=1238440 https://security.gentoo.org/glsa/201605-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-1967
https://notcve.org/view.php?id=CVE-2016-1967
Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207. Mozilla Firefox en versiones anteriores a 45.0 no restringe correctamente la disponibilidad de los tiempos de la API IFRAME Resource Timing, lo que permite a atacantes remotos eludir la Same Origin Policy y obtener información sensible a través de código JavaScript manipulado que se aprovecha de las llamadas history.back y performance.getEntries después de restaurar una sesión del navegador. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2015-7207. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://www.mozilla.org/security/announce/2016/mfsa2016-29.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com/usn/USN-2917-1 http://www.ubuntu.com/usn/USN-2917-2 http://www.ubuntu.com/usn/USN-2917-3 https://bugzilla.mozilla.org/show_bug.cgi?id=1246956 https://security.gentoo.org/glsa/201605-06 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •