NotCVE - vendor:"Mozilla" product:"Firefox" version:" >= 3.0

Page 255 of 2025 results (0.042 seconds)

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-4516

https://notcve.org/view.php?id=CVE-2015-4516

Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs. Vulnerabilidad en Mozilla Firefox en versiones anteriores a 41.0, permite a atacantes remotos eludir ciertos mecanismos de protección de la API ECMAScript 5 (también conocido como ES5) y modificar propiedades inmutables y, consecuentemente, ejecutar código JavaScript arbitario con privilegios de chrome a través de una página web manipulada que no utiliza las APIs ES5. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://www.mozilla.org/security/announce/2015/mfsa2015-109.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/76815 http://www.securitytracker.com/id/1033640 http://www.ubuntu.com/usn/USN-2743-1 http://www.ubuntu.com/usn/USN-2743-2 http://www.ubuntu.com/usn/USN-2743 • CWE-254: 7PK - Security Features •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-4508

https://notcve.org/view.php?id=CVE-2015-4508

Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site. Vulnerabilidad en Mozilla Firefox en versiones anteriores a 41.0, cuando el modo lector está habilitado, permite a atacantes remotos suplantar la relación entre URLs de la barra de direcciones y el contenido web a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://www.mozilla.org/security/announce/2015/mfsa2015-103.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/76815 http://www.securitytracker.com/id/1033640 http://www.ubuntu.com/usn/USN-2743-1 http://www.ubuntu.com/usn/USN-2743-2 http://www.ubuntu.com/usn/USN-2743-3 http://www.ubuntu.com/usn/USN-2743-4 https://bugzilla.mozil • CWE-254: 7PK - Security Features •

CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0

CVE-2015-4517 – Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

https://notcve.org/view.php?id=CVE-2015-4517

NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en NetworkUtils.cpp en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2015-4519 – Mozilla: Dragging and dropping images exposes final URL after redirects (MFSA 2015-110)

https://notcve.org/view.php?id=CVE-2015-4519

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element. Vulnerabilidad en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, permite a atacantes remotos asistidos por usuario eludir las restricciones destinadas al acceso y descubrir una URL destino de redirección a través de código JavaScript manipulado que se ejecuta después de una acción de arrastrar y soltar una imagen en un elemento TEXTBOX. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0

CVE-2015-4501

https://notcve.org/view.php?id=CVE-2015-4501

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox en versiones anteriores a 41.0, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://www.mozilla.org/security/announce/2015/mfsa2015-96.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...253 254 255 256 257