CVSS: 9.8EPSS: 1%CPEs: 16EXPL: 0CVE-2016-9901 – Mozilla: Data from Pocket server improperly sanitized before execution (MFSA 2016-94, MFSA 2016-95)
https://notcve.org/view.php?id=CVE-2016-9901
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1. Las etiquetas HTML recibidas del servidor Pocket serán procesadas sin sanear y cualquier código JavaScript que se ejecute lo hará en la página "about:pocket-saved" (sin privilegios), concediéndole acceso a la API de mensajes de Pocket mediante una inyección HTML. La vulnerabilidad afecta a Firefox ESR en versiones anteriores a la 45.6 y Firefox en versiones anteriores a la 50.1. • http://rhn.redhat.com/errata/RHSA-2016-2946.html http://rhn.redhat.com/errata/RHSA-2016-2973.html http://www.securityfocus.com/bid/94885 http://www.securitytracker.com/id/1037461 https://bugzilla.mozilla.org/show_bug.cgi?id=1320057 https://security.gentoo.org/glsa/201701-15 https://www.mozilla.org/security/advisories/mfsa2016-94 https://www.mozilla.org/security/advisories/mfsa2016-95 https://access.redhat.com/security/cve/CVE-2016-9901 https://bugzilla.redhat.com/show_bu • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 21EXPL: 1CVE-2016-9895 – Mozilla: CSP bypass using marquee tag (MFSA 2016-94, MFSA 2016-95)
https://notcve.org/view.php?id=CVE-2016-9895
Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. Los gestores de eventos en los elementos "marquee" se ejecutaron a pesar de que existe un CSP (Content Security Policy) estricto que prohibía el JavaScript inline. La vulnerabilidad afecta a Firefox en versiones anteriores a la 50.1, Firefox ESR en versiones anteriores a la 45.6 y Thunderbird en versiones anteriores a la 45.6. • http://rhn.redhat.com/errata/RHSA-2016-2946.html http://rhn.redhat.com/errata/RHSA-2016-2973.html http://www.securityfocus.com/bid/94885 http://www.securitytracker.com/id/1037461 https://bugzilla.mozilla.org/show_bug.cgi?id=1312272 https://security.gentoo.org/glsa/201701-15 https://www.debian.org/security/2017/dsa-3757 https://www.mozilla.org/security/advisories/mfsa2016-94 https://www.mozilla.org/security/advisories/mfsa2016-95 https://www.mozilla.org/security/advisories&# • CWE-254: 7PK - Security Features •
CVSS: 7.5EPSS: 95%CPEs: 26EXPL: 6CVE-2016-9079 – Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2016-9079
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1. Se ha descubierto una vulnerabilidad de uso de memoria previamente liberada en SVG Animation. Se ha descubierto un exploit construido sobre esta vulnerabilidad "in the wild" que apunta a usuarios de Firefox y Tor Browser en Windows. • https://www.exploit-db.com/exploits/42327 https://www.exploit-db.com/exploits/41151 https://github.com/dangokyo/CVE-2016-9079 https://github.com/LakshmiDesai/CVE-2016-9079 https://github.com/Tau-hub/Firefox-CVE-2016-9079 http://rhn.redhat.com/errata/RHSA-2016-2843.html http://rhn.redhat.com/errata/RHSA-2016-2850.html http://www.securityfocus.com/bid/94591 http://www.securitytracker.com/id/1037370 https://bugzilla.mozilla.org/show_bug.cgi?id=1321066 https://se • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 19EXPL: 0CVE-2016-8635 – nss: small-subgroups attack flaw
https://notcve.org/view.php?id=CVE-2016-8635
It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group. Se ha descubierto que el manejo del intercambio de claves de cliente Diffie Hellman en NSS 3.21.x era vulnerable a un ataque de confinamiento de subgrupo pequeño. Un atacante podría emplear este error para recuperar claves privadas confinando la clave DH del cliente en un subgrupo pequeño del grupo deseado. It was found that Diffie Hellman Client key exchange handling in NSS was vulnerable to small subgroup confinement attack. • http://rhn.redhat.com/errata/RHSA-2016-2779.html http://www.securityfocus.com/bid/94346 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8635 https://security.gentoo.org/glsa/201701-46 https://access.redhat.com/security/cve/CVE-2016-8635 https://bugzilla.redhat.com/show_bug.cgi?id=1391818 • CWE-320: Key Management Errors CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-7035 – pacemaker: Privilege escalation due to improper guarding of IPC communication
https://notcve.org/view.php?id=CVE-2016-7035
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. Se ha detectado un error en Pacemaker en versiones anteriores a la 1.1.6 por el que no protegía correctamente su interfaz IPC. Un atacante con una cuenta sin privilegios en un nodo Pacemaker podría emplear este error para, por ejemplo, forzar al demonio Local Resource Manager para que ejecute un script como root y, por lo tanto, obtenga acceso root a la máquina An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. • http://rhn.redhat.com/errata/RHSA-2016-2614.html http://rhn.redhat.com/errata/RHSA-2016-2675.html http://www.openwall.com/lists/oss-security/2016/11/03/5 http://www.securityfocus.com/bid/94214 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7035 https://github.com/ClusterLabs/pacemaker/commit/5d71e65049 https://lists.clusterlabs.org/pipermail/users/2016-November/004432.html https://security.gentoo.org/glsa/201710-08 https://access.redhat.com/security/cve/CVE-2016- • CWE-285: Improper Authorization •