Page 378 of 2504 results (0.026 seconds)

CVSS: 7.5EPSS: 1%CPEs: 167EXPL: 0

CVE-2011-0076

https://notcve.org/view.php?id=CVE-2011-0076

Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. Vulnerabilidad no especificada en el Java Embedding Plugin (JEP) en Mozilla Firefox anterior a v3.5.19 y v3.6.x anterior a v3.6.17, y SeaMonkey anterior a v2.0.14, en Mac OS X permite a atacantes remotos evitar las restricciones de acceso a través de vectores desconocidos. • http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mozilla.org/security/announce/2011/mfsa2011-15.html https://bugzilla.mozilla.org/show_bug.cgi?id=634724 https://bugzilla.mozilla.org/show_bug.cgi?id=644682 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14498 •

CVSS: 10.0EPSS: 17%CPEs: 13EXPL: 1

CVE-2011-0079

https://notcve.org/view.php?id=CVE-2011-0079

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors. Multiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox v4.x anterior a v4.0.1 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario mediante vectores relacionados con fx/layers/d3d10/ReadbackManagerD3D10.cpp y otros vectores desconocidos. • http://www.mozilla.org/security/announce/2011/mfsa2011-12.html https://bugzilla.mozilla.org/show_bug.cgi?id=601102 https://bugzilla.mozilla.org/show_bug.cgi?id=639343 https://bugzilla.mozilla.org/show_bug.cgi?id=639728 https://bugzilla.mozilla.org/show_bug.cgi?id=639885 https://bugzilla.mozilla.org/show_bug.cgi? •

CVSS: 10.0EPSS: 59%CPEs: 163EXPL: 0

CVE-2011-0080 – Mozilla memory safety issue (MFSA 2011-12)

https://notcve.org/view.php?id=CVE-2011-0080

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Multiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.19 y v3.6.x anterior a v3.6.17, Thunderbird anterior a v.3.1.10 y SeaMonkey anterior a v2.0.14 permite a atacantes remotos generar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird http://downloads.avaya.com/css/P8/documents/100134543 http://downloads.avaya.com/css/P8/documents/100144158 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 http://www.mozilla.org/security/ •

CVSS: 10.0EPSS: 18%CPEs: 37EXPL: 0

CVE-2011-0081 – Mozilla memory safety issue (MFSA 2011-12)

https://notcve.org/view.php?id=CVE-2011-0081

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.6.x anterior a v3.6.17 y v4.x anterior a v4.0.1, y Thunderbird v3.1.x anterior a v3.1.10, permite a atacantes remotos generar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird http://downloads.avaya.com/css/P8/documents/100144158 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 http://www.mozilla.org/security/announce/2011/mfsa2011-12.html http://www.securityfocus. •

CVSS: 10.0EPSS: 96%CPEs: 164EXPL: 4

CVE-2011-0065 – Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2011-0065

Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. Vulnerabilidad de uso después de la liberación (Use-after-free) en Mozilla Firefox anterior a v3.5.19 y v3.6.x anterior a v3.6.17, y SeaMonkey anterior a v2.0.14, permite a atacantes remotos ejecutar código arbitrario mediante OBJECT's mChannel. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the OnChannelRedirect method. When an OBJECT element has no mChannel assigned, it is possible to call the |OnChannelRedirect| method, setting a nearly arbitrary object as the channel in use. • https://www.exploit-db.com/exploits/18377 https://www.exploit-db.com/exploits/17672 https://www.exploit-db.com/exploits/17650 https://www.exploit-db.com/exploits/17612 http://downloads.avaya.com/css/P8/documents/100144158 http://securityreason.com/securityalert/8326 http://securityreason.com/securityalert/8331 http://securityreason.com/securityalert/8340 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security • CWE-399: Resource Management Errors CWE-416: Use After Free •