CVSS: 10.0EPSS: 10%CPEs: 157EXPL: 0CVE-2011-0055 – Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0055
Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection. Vulnerabilidad de uso después de liberación de memoria en el método JSON.stringify en js3250.dll en Mozilla Firefox en versiones anteriores a 3.5.17 y 3.6.x en versiones anteriores a 3.6.14 y SeaMonkey en versiones anteriores a 2.0.12, podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores inespecificos relacionados con la función js_HasOwnProperty y garbage collection. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within js3250.dll. In the JSON.stringify() call chain js_HasOwnProperty() is called with an invalid pointer. • http://downloads.avaya.com/css/P8/documents/100133195 http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mozilla.org/security/announce/2011/mfsa2011-03.html http://www.securityfocus.com/archive/1/516802 http://www.securityfocus.com/bid/46661 http://www.zerodayinitiative.com/advisories/ZDI-11-103 https://bugzilla.mozilla.org/show_bug.cgi?id=616009 https://bugzilla.mozilla.org/show_bug.cgi?id=619255 https://oval.cisecurity.org/repository/search/definition/oval% • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.3EPSS: 20%CPEs: 258EXPL: 0CVE-2010-3769
https://notcve.org/view.php?id=CVE-2010-3769
The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read. La implementación de line-breaking en Mozilla Firefox en versiones anteriores a la 3.5.16 y 3.6.x en versiones anteriores a la 3.6.13, Thunderbird en versiones anteriores a la 3.0.11 y 3.1.x en versiones anteriores a la 3.1.7 y SeaMonkey en versiones anteriores a la 2.0.11 en Windows, no maneja de manera apropiada cadenas largas, lo que permite a atacantes remotos ejecutar código de su elección mediante una llamada document.write debidamente preparada que dispara una sobrelectura del búfer. • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://osvdb.org/69771 http://secunia.com/advisories/42716 http://secunia.com/advisories/42818 http://www.debian.org/security/2010/dsa-2132 http://www.mandriva.com/security/advisories?name=MDVSA-2010:251 http://www.mandriva.com/security/advisories?name=MDV • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2010-4508
https://notcve.org/view.php?id=CVE-2010-4508
The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification. La implementación WebSockets en Mozilla Firefox v4 hasta v4.0 Beta v7 no realiza adecuadamente la negociación de actualización de proxy, lo que provoca un impacto no especificados y ataque a vectores, relacionado con un problema inherente con la especificación WebSocket. • http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html http://osvdb.org/69758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12251 https://wiki.mozilla.org/Platform/2010-12-07 •
CVSS: 9.3EPSS: 14%CPEs: 173EXPL: 0CVE-2010-3772 – Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
https://notcve.org/view.php?id=CVE-2010-3772
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element. Mozilla Firefox en versiones anteriores a la 3.5.16 y 3.6.x en versiones anteriores a la 3.6.13 y SeaMonkey en versiones anteriores a la 2.0.11, no calculan adecuadamente los valores de los índices para ciertos contenidos hijos en un árbol XUL, lo que permite a atacantes remotos ejecutar código de su elección mediante vectores que involucran un elemento DIV dentro de un elemento treechildren. • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://secunia.com/advisories/42716 http://secunia.com/advisories/42818 http://support.avaya.com/css/P8& • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 45%CPEs: 149EXPL: 0CVE-2010-3778
https://notcve.org/view.php?id=CVE-2010-3778
Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en Mozilla Firefox 3.5.x en versiones anteriores a la 3.5.16, Thunderbird en versiones anteriores a la 3.0.11 y SeaMonkey en versiones anteriores a la 2.0.11, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección mediante vectores no desconocidos. • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html http://secunia.com/advisories/42716 http://secunia.com/advisories/42818 http://www.debian.org/security/2010/dsa-2132 http://www.mandriva.com/security/advisories?name=MDVSA-2010:258 http://www.mozilla.org/security/announce/2010/mfsa2010-74.html http://www& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •