Page 277 of 2521 results (0.014 seconds)

CVSS: 6.8EPSS: 20%CPEs: 12EXPL: 0

CVE-2015-0817 – Mozilla Firefox Bounds Check Elimination Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0817

The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript. La implementación asm.js en Mozilla Firefox anterior a 36.0.3, Firefox ESR 31.x anterior a 31.5.2, y SeaMonkey anterior a 2.33.1 no determina correctamente los casos en los que los rangos de comprobación pueden saltase con seguridad durante la compilación JIT y el acceso a la memoria dinámica, lo que permite a atacantes remotos leer o escribir en localizaciones de memoria no intencionadas, y como consecuencia ejecutar código arbitrario, a través de JavaScript manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of heap access bounds checking. A specially crafted typed array can eliminate bounds checks for heap accesses. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00035.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00096.html http://rhn.redhat.com/errata/RHSA-2015-0718.html http://www.debian.org/security/2015/dsa-3201 http://www.mozilla.org/security/announce/2015/mfsa2015-29.html http://www.oracle.com/technetwork/topics/secu • CWE-17: DEPRECATED: Code CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 7%CPEs: 13EXPL: 0

CVE-2015-0818 – Mozilla Firefox SVG DOMAttrModified Same-Origin Policy Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2015-0818

Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation. Mozilla Firefox anterior a 36.0.4, Firefox ESR 31.x anterior a 31.5.3, y SeaMonkey anterior a 2.33.1 permiten a atacantes remotos evadir Same Origin Policy y ejecutar código JavaScript arbitrario con privilegios chrome a través de vectores que involucran la navegación por hashes de SVG. This vulnerability allows remote attackers to bypass the same-origin policy on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SVG format content navigation. By using a DOMAttrModified mutation event listener, an attacker can inject an arbitrary URL into the history, and cause Firefox to break the same-origin isolation policy. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00035.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00096.html http://rhn.redhat.com/errata/RHSA-2015-0718.html http://www.debian.org/security/2015/dsa-3201 http://www.mozilla.org/security/announce/2015/mfsa2015-28.html http://www.oracle.com/technetwork/topics/secu • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 238EXPL: 0

CVE-2015-0823

https://notcve.org/view.php?id=CVE-2015-0823

Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function. Múltiples vulnerabilidades de uso después de liberación en OpenType Sanitiser, utilizado en Mozilla Firefox anterior a 36.0, podrían permitir a atacantes remotos provocar información problemática de la consola de desarrollo (Developer Console) o posiblemente tener otro impacto no especificado mediante el aprovechamiento de la expansión incorrecta de macros, relacionado con la función ots::ots_gasp_parse. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html http://www.mozilla.org/security/announce/2015/mfsa2015-23.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/72754 http://www.securitytracker.com/id/1031791 http://www.ubuntu.com/usn/USN-2505-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1098497 https://github.com/khaledhosny/ots •

CVSS: 7.5EPSS: 6%CPEs: 232EXPL: 0

CVE-2015-0835

https://notcve.org/view.php?id=CVE-2015-0835

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador en Mozilla Firefox anterior a 36.0 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html http://www.mozilla.org/security/announce/2015/mfsa2015-11.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http •

CVSS: 2.6EPSS: 0%CPEs: 237EXPL: 0

CVE-2015-0820

https://notcve.org/view.php?id=CVE-2015-0820

Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site. Mozilla Firefox anterior a 36.0 no restringe correctamente las transiciones de objetos JavaScript de un estado no existente a un estado extensible, lo que permite a atacantes remotos evadir el mecanismo de protección del sandbox de Caja Compiler o un mecanismo de protección de sandbox de Secure EcmaScript a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html http://www.mozilla.org/security/announce/2015/mfsa2015-27.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/72757 http://www.ubuntu.com/usn/USN-2505-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1125389 https://security.gentoo.org/glsa/201504-01 • CWE-284: Improper Access Control •