CVE-2014-1583 – Mozilla: Accessing cross-origin objects via the Alarms API (MFSA 2014-82)
https://notcve.org/view.php?id=CVE-2014-1583
The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm. La API Alarm en Mozilla Firefox anterior a 33.0 y Firefox ESR 31.x anterior a 31.2 no restringe debidamente las llamadas JSON, lo que permite a atacantes remotos evadir Same Origin Policy a través de llamadas a la API manipuladas que acceden a información sensible dentro de los datos JSON de una alarma. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2014-1635.html http://secunia.com/advisories/61854 http://secunia.com/advisories/62022 http://secunia.com/advisories/62023 http://www.debian.org/security/2014/dsa- •
CVE-2014-1576 – Mozilla: Buffer overflow during CSS manipulation (MFSA 2014-75)
https://notcve.org/view.php?id=CVE-2014-1576
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style. Desbordamiento de buffer basado en memoria dinámica en la función nsTransformedTextRun en Mozilla Firefox anterior a 33.0, Firefox ESR 31.x anterior a 31.2, y Thunderbird 31.x anterior a 31.2 permite a atacantes remotos ejecutar código arbitrario a través de secuencias de tokens Cascading Style Sheets (CSS) que provocan cambios en el estilo de capitalización. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1578 – Mozilla: Out-of-bounds write with WebM video (MFSA 2014-77)
https://notcve.org/view.php?id=CVE-2014-1578
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback. La función get_tile en Mozilla Firefox anterior a 33.0, Firefox ESR 31.x anterior a 31.2, y Thunderbird 31.x anterior a 31.2 permite a atacantes remotos causar una denegación de servicio (escritura fuera de rango y caída de aplicación) o posiblemente ejecutar código arbitrario a través de temas WebM con tamaños de 'tile' inválidos que se manejan indebidamente en operaciones de buffer durante la reproducción de vídeos. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2014-1568 – nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)
https://notcve.org/view.php?id=CVE-2014-1568
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. Mozilla Network Security Services (NSS) anterior a 3.16.2.1, 3.16.x anterior a 3.16.5, y 3.17.x anterior a 3.17.1, utilizado en Mozilla Firefox anterior a 32.0.3, Mozilla Firefox ESR 24.x anterior a 24.8.1 y 31.x anterior a 31.1.1, Mozilla Thunderbird anterior a 24.8.1 y 31.x anterior a 31.1.2, Mozilla SeaMonkey anterior a 2.29.1, Google Chrome anterior a 37.0.2062.124 en Windows y OS X, y Google Chrome OS anterior a 37.0.2062.120, no analiza debidamente los valores ASN.1 en los certificados X.509, lo que facilita a atacantes remotos falsificar las firmas RSA a través de un certificado manipulado, también conocido como un problema de 'maleabilidad de firmas'. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. • http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2014-09 • CWE-310: Cryptographic Issues CWE-347: Improper Verification of Cryptographic Signature •
CVE-2014-1566
https://notcve.org/view.php?id=CVE-2014-1566
Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515. Mozilla Firefox anterior a 31.1 en Android no restringe debidamente la copia de ficheros locales en la tarjeta SD durante el procesamiento de fichero: URLs, lo que permite a atacantes obtener información sensible del directorio de perfiles de Firefox a través de una aplicación manipulada. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-1515 • http://www.mozilla.org/security/announce/2014/mfsa2014-71.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/69522 http://www.securitytracker.com/id/1030792 https://bugzilla.mozilla.org/show_bug.cgi?id=1050690 https://security.gentoo.org/glsa/201504-01 • CWE-264: Permissions, Privileges, and Access Controls •