CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 1CVE-2011-2198
https://notcve.org/view.php?id=CVE-2011-2198
The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows remote authenticated users to cause a denial of service (CPU and memory consumption and crash) via a crafted file, as demonstrated by a file containing the string "\033[100000000000000000@". La capacidad de "insertar caracteres en blanco" en caps.c en gnome-terminal (vte) en versiones anteriores a 0.28.1 permite a usuarios autenticados remotos provocar una denegación de servicio (consumo de CPU y memoria y caída) a través de un archivo manipulado, según lo demostrado por un archivo que contiene la cadena "\033[100000000000000000@". • http://lists.opensuse.org/opensuse-updates/2012-08/msg00001.html http://www.openwall.com/lists/oss-security/2011/06/09/3 http://www.openwall.com/lists/oss-security/2011/06/13/10 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629688 https://bugzilla.gnome.org/show_bug.cgi?id=652124 https://bugzilla.redhat.com/show_bug.cgi?id=712148 https://git.gnome.org/browse/vte/commit/?h=vte-0-28&am • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 3%CPEs: 10EXPL: 0CVE-2014-1500
https://notcve.org/view.php?id=CVE-2014-1500
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 permiten a atacantes remotos causar una denegación de servicio (consumo de recursos y cuelgue de aplicación) a través de eventos onBeforeUnload que provocan la ejecución de JavaScript en segundo plano. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-20.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=956524 https://s • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1494
https://notcve.org/view.php?id=CVE-2014-1494
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-15.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=627295 https://b •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1499
https://notcve.org/view.php?id=CVE-2014-1499
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 permiten a atacantes remotos falsificar el nombre del dominio en la solicitud de permisos de (1) cámara o (2) micrófono en WebRTC provocando navegación en cierto momento durante la generación de esta petición. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-19.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=961512 https://s •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-1502
https://notcve.org/view.php?id=CVE-2014-1502
The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. Las funciones (1) WebGL.compressedTexImage2D y (2) WebGL.compressedTexSubImage2D en Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 permiten a atacantes remotos evadir Same Origin Policy y renderizar contenido en un dominio diferente a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-22.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=972622 https://s • CWE-346: Origin Validation Error •