CVSS: 7.5EPSS: 23%CPEs: 8EXPL: 0CVE-2014-1576 – Mozilla: Buffer overflow during CSS manipulation (MFSA 2014-75)
https://notcve.org/view.php?id=CVE-2014-1576
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style. Desbordamiento de buffer basado en memoria dinámica en la función nsTransformedTextRun en Mozilla Firefox anterior a 33.0, Firefox ESR 31.x anterior a 31.2, y Thunderbird 31.x anterior a 31.2 permite a atacantes remotos ejecutar código arbitrario a través de secuencias de tokens Cascading Style Sheets (CSS) que provocan cambios en el estilo de capitalización. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 8EXPL: 0CVE-2014-1578 – Mozilla: Out-of-bounds write with WebM video (MFSA 2014-77)
https://notcve.org/view.php?id=CVE-2014-1578
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback. La función get_tile en Mozilla Firefox anterior a 33.0, Firefox ESR 31.x anterior a 31.2, y Thunderbird 31.x anterior a 31.2 permite a atacantes remotos causar una denegación de servicio (escritura fuera de rango y caída de aplicación) o posiblemente ejecutar código arbitrario a través de temas WebM con tamaños de 'tile' inválidos que se manejan indebidamente en operaciones de buffer durante la reproducción de vídeos. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 3%CPEs: 233EXPL: 0CVE-2014-1568 – nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73)
https://notcve.org/view.php?id=CVE-2014-1568
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. Mozilla Network Security Services (NSS) anterior a 3.16.2.1, 3.16.x anterior a 3.16.5, y 3.17.x anterior a 3.17.1, utilizado en Mozilla Firefox anterior a 32.0.3, Mozilla Firefox ESR 24.x anterior a 24.8.1 y 31.x anterior a 31.1.1, Mozilla Thunderbird anterior a 24.8.1 y 31.x anterior a 31.1.2, Mozilla SeaMonkey anterior a 2.29.1, Google Chrome anterior a 37.0.2062.124 en Windows y OS X, y Google Chrome OS anterior a 37.0.2062.120, no analiza debidamente los valores ASN.1 en los certificados X.509, lo que facilita a atacantes remotos falsificar las firmas RSA a través de un certificado manipulado, también conocido como un problema de 'maleabilidad de firmas'. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. • http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2014-09&# • CWE-310: Cryptographic Issues CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2014-1566
https://notcve.org/view.php?id=CVE-2014-1566
Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515. Mozilla Firefox anterior a 31.1 en Android no restringe debidamente la copia de ficheros locales en la tarjeta SD durante el procesamiento de fichero: URLs, lo que permite a atacantes obtener información sensible del directorio de perfiles de Firefox a través de una aplicación manipulada. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-1515 • http://www.mozilla.org/security/announce/2014/mfsa2014-71.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/69522 http://www.securitytracker.com/id/1030792 https://bugzilla.mozilla.org/show_bug.cgi?id=1050690 https://security.gentoo.org/glsa/201504-01 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 12%CPEs: 26EXPL: 0CVE-2014-1567 – Mozilla Firefox DirectionalityUtils Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1567
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout. Vulnerabilidad de uso después de liberación en DirectionalityUtils.cpp en Mozilla Firefox anterior a 32.0, Firefox ESR 24.x anterior a 24.8 y 31.x anterior a 31.1 y Thunderbird 24.x anterior a 24.8 y 31.x anterior a 31.1 permite a atacantes remotos ejecutar código arbitrario a través de texto que no se maneja debidamente durante la interacción entre la resolución de la direccionalidad y el diseño. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of bi-directional unicode text. The issue lies in the failure to properly handle text that has its bi-directional character type changed. • http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2014-09/msg00011. • CWE-416: Use After Free •