CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2718
https://notcve.org/view.php?id=CVE-2015-2718
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data. El módulo WebChannel.jsm en Mozilla Firefox anterior a 38.0 permite a atacantes remotos evadir Same Origin Policy y obtener datos sensibles de respuestas de canales de web a través de un sitio web manipulado que contiene un elemento IFRAME que hace referencia a un sitio web diferente específicamente para leer estos datos. • http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://www.mozilla.org/security/announce/2015/mfsa2015-56.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/74611 http://www.ubuntu.com/usn/USN-2602-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1146724 https://security.gentoo.org/glsa/201605-06 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0CVE-2015-2712
https://notcve.org/view.php?id=CVE-2015-2712
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript. La implementación asm.js en Mozilla Firefox anterior a 38.0 no determina correctamente las longitudes de la memoria dinámica durante la identificación de casos en que la comprobación de límites puede saltarse con seguridad, lo que permite a atacantes remotos provocar operaciones de escritura fuera de rango y posiblemente obtener información sensible de la memoria de procesos a través de JavaScript manipulado. • http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://www.mozilla.org/security/announce/2015/mfsa2015-50.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/74611 http://www.ubuntu.com/usn/USN-2602-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1152280 https://security.gentoo.org/glsa/201605-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 2%CPEs: 3EXPL: 0CVE-2015-2717
https://notcve.org/view.php?id=CVE-2015-2717
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata. Desbordamiento de enteros en libstagefright en Mozilla Firefox anterior a 38.0 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y lectura fuera de rango) a través de un fichero de vídeos MP4 que contiene metadatos inválidos. • http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://www.mozilla.org/security/announce/2015/mfsa2015-55.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/74611 http://www.ubuntu.com/usn/USN-2602-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1154683 https://security.gentoo.org/glsa/201605-06 • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 9%CPEs: 20EXPL: 0CVE-2015-2710 – Mozilla: Buffer overflow with SVG content and CSS (MFSA 2015-48)
https://notcve.org/view.php?id=CVE-2015-2710
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence. Desbordamiento de buffer basado en memoria dinámica en la clase SVGTextFrame en Mozilla Firefox anterior a 38.0, Firefox ESR 31.x anterior a 31.7, y Thunderbird anterior a 31.7 permite a atacantes remotos ejecutar código arbitrario a través de datos de gráficos SVG manipulados en conjunto con una secuencia de tokens Cascading Style Sheets (CSS) manipulada. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://rhn.redhat.com/errata/RHSA-2015-0988.html http://rhn.redhat.com/errata/RHSA-2015-1012.html http://www.debian.org/security&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 21EXPL: 0CVE-2015-2716 – expat: Integer overflow leading to buffer overflow in XML_GetBuffer()
https://notcve.org/view.php?id=CVE-2015-2716
Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283. Desbordamiento de buffer en el analizador XML en Mozilla Firefox en versiones anteriores a 38.0, Firefox ESR 31.x en versiones anteriores a 31.7 y Thunderbird en versiones anteriores a 31.7 permite a atacantes remotos ejecutar código arbitrario proporcionando una gran cantidad de datos XML comprimidos, un problema relacionado con CVE-2015-1283. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://rhn.redhat.com/errata/RHSA-2015-0988.html http://rhn.redhat.com/errata/RHSA-2015-1012.html http://www.debian.org/security&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •