CVSS: 10.0EPSS: 88%CPEs: 19EXPL: 1CVE-2012-0444 – Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0444
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. Mozilla Firefox v3.6.26 y v4.x hasta el v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 no inicializa correctamente las estructuras de datos nsChildView, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria caida de la aplicación) o posiblemente ejecutar código de su elección a través de un archivo Ogg Vorbis debidamente manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of Ogg Vorbis media files. By crafting a stream with specific values , it is possible to cause a decoding loop that copies memory to write controlled data beyond the end of a fixed size buffer. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://secunia.com/advisories/48043 http://secunia.com/advisories/48095 http://www.debian.org/security/2012/dsa-2400 http://www.debian.org/security/2012/dsa-2402 http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 15EXPL: 1CVE-2012-0442 – Mozilla: memory safety hazards in 10.0/1.9.2.26 (MFSA 2012-01)
https://notcve.org/view.php?id=CVE-2012-0442
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox antes de 3v.6.26 y v4.x hasta la v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y bloqueo de la aplicación) o posiblemente ejecutar código de su elección a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://www.debian.org/security/2012/dsa-2400 http://www.debian.org/security/2012/dsa-2402 http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 http://www.mozilla.org/security/announce/2012/mfsa2012-01.html h •
CVSS: 6.8EPSS: 0%CPEs: 226EXPL: 0CVE-2011-3666
https://notcve.org/view.php?id=CVE-2011-3666
Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files to be executable files, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted file. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-2372 on Mac OS X. Mozilla Firefox antes de v3.6.25 y Thunderbird antes de v3.1.17 en Mac OS X no consideran los archivos .jar como ejecutables, lo que permite a atacantes remotos asistidos por el usurio evitar las restricciones de acceso intecionadas a través de un archivo. NOTA: esta vulnerabilidad existe debido a una solución incorrecta de CVE-2011-2372 en Mac OS X. • http://www.mozilla.org/security/announce/2011/mfsa2011-59.html http://www.securitytracker.com/id?1026445 http://www.securitytracker.com/id?1026447 https://bugzilla.mozilla.org/show_bug.cgi?id=704622 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14831 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 1%CPEs: 326EXPL: 0CVE-2011-3664
https://notcve.org/view.php?id=CVE-2011-3664
Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site. Mozilla Firefox antes de v9.0, Thunderbird antes de v9.0, y SeaMonkey antes de v2.6 en Mac OS X, no maneja apropiadamente algunos supresiones de marcos DOM por los complementos, lo que permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero incorrecto y caída de la aplicacion) o posiblemente tener otros impactos no especificados a través de un sitio web modificado. • http://secunia.com/advisories/47302 http://secunia.com/advisories/47334 http://www.mozilla.org/security/announce/2011/mfsa2011-57.html http://www.securitytracker.com/id?1026445 http://www.securitytracker.com/id?1026446 http://www.securitytracker.com/id?1026447 https://bugzilla.mozilla.org/show_bug.cgi?id=649079 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14574 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2011-4688
https://notcve.org/view.php?id=CVE-2011-4688
Mozilla Firefox 8.0.1 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. Mozilla Firefox v8.0.1 y anteriores, no impide la captura de datos sobre los tiempos de violación de "Same Origin Policy" durante los intentos de carga de IFRAME, lo que facilita a los atacantes remotos determinar si existe un documento en la caché del navegador a través de código JavaScript manipulado. • http://lcamtuf.coredump.cx/cachetime http://secunia.com/advisories/47090 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13770 • CWE-264: Permissions, Privileges, and Access Controls •