CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0CVE-2015-4501
https://notcve.org/view.php?id=CVE-2015-4501
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox en versiones anteriores a 41.0, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://www.mozilla.org/security/announce/2015/mfsa2015-96.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 5%CPEs: 1EXPL: 0CVE-2015-4504
https://notcve.org/view.php?id=CVE-2015-4504
The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image. Vulnerabilidad en la función lut_inverse_interp16 en la librería QCMS en Mozilla Firefox en versiones anteriores a 41.0, permite a atacantes remotos obtener información sensible o provocar una denegación de servicio (sobrelectura del buffer y caída de la aplicación) a través de atributos manipuados en el perfil ICC 4 de una imagen. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://www.mozilla.org/security/announce/2015/mfsa2015-98.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/76815 http://www.securitytracker.com/id/1033640 http://www.ubuntu.com/usn/USN-2743-1 http://www.ubuntu.com/usn/USN-2743-2 http://www.ubuntu.com/usn/USN-2743& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0CVE-2015-7177 – Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)
https://notcve.org/view.php?id=CVE-2015-7177
The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en la función InitTextures en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0CVE-2015-7174 – Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)
https://notcve.org/view.php?id=CVE-2015-7174
The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow." Vulnerabilidad en la función nsAttrAndChildArray::GrowBy en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, relacionada con un 'desbordamiento'. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0CVE-2015-7175 – Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)
https://notcve.org/view.php?id=CVE-2015-7175
The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow." Vulnerabilidad en la función XULContentSinkImpl::AddText en Mozilla Firefox en versiones anteriores a 41.0 y Firefox ESR 38.x en versiones anteriores a 38.3, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de vectores desconocidos, relacionada con un 'desbordamiento'. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-1834.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-250: Execution with Unnecessary Privileges •