CVE-2008-5822
https://notcve.org/view.php?id=CVE-2008-5822
Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other products, allows remote attackers to cause a denial of service (memory consumption and browser hang) via a long CLASS attribute in an HR element in an HTML document.
• http://jbrownsec.blogspot.com/2008/12/new-year-research-are-upon-us.html http://www.packetstormsecurity.org/0812-exploits/mzff_libxul_ml.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/47758
• CWE-399: Resource Management Errors
CVE-2008-5715 – Mozilla Firefox 3.0.5 - location.hash Remote Crash
https://notcve.org/view.php?id=CVE-2008-5715
Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported that earlier versions are also affected, and that the impact is CPU consumption and application hang in unspecified circumstances perhaps involving other platforms.
• https://www.exploit-db.com/exploits/7554 http://osvdb.org/51032 http://securityreason.com/securityalert/4807 http://websecurity.com.ua/3424 http://www.securityfocus.com/archive/1/506006/100/0/threaded http://www.securityfocus.com/bid/32988 https://exchange.xforce.ibmcloud.com/vulnerabilities/47572
• CWE-20: Improper Input Validation
CVE-2008-5502 – JavaScript engine crash - Firefox 3 only
https://notcve.org/view.php?id=CVE-2008-5502
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions.
• http://secunia.com/advisories/33188 http://secunia.com/advisories/33189 http://secunia.com/advisories/33203 http://secunia.com/advisories/33216 http://secunia.com/advisories/33421 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://www.mandriva.com/security/advisories?name=MDVSA-2008:245 http://www.mozilla.org/security/announce/2008/mfsa2008-60.html http://www.redhat.com/support/errata/RHSA-2008-1036.html http://ww
• CWE-399: Resource Management Errors
CVE-2008-5505 – Firefox 3 User tracking via XUL persist attribute
https://notcve.org/view.php?id=CVE-2008-5505
Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.
• http://secunia.com/advisories/33188 http://secunia.com/advisories/33203 http://secunia.com/advisories/33216 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://www.mandriva.com/security/advisories?name=MDVSA-2008:245 http://www.mozilla.org/security/announce/2008/mfsa2008-63.html http://www.redhat.com/support/errata/RHSA-2008-1036.html http://www.securityfocus.com/bid/32882 http://www.securitytracker.com/id?1021428 http
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2008-5501 – Layout engine crash - Firefox 3 only
https://notcve.org/view.php?id=CVE-2008-5501
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.
• http://secunia.com/advisories/33188 http://secunia.com/advisories/33189 http://secunia.com/advisories/33203 http://secunia.com/advisories/33216 http://secunia.com/advisories/33421 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://www.mandriva.com/security/advisories?name=MDVSA-2008:245 http://www.mozilla.org/security/announce/2008/mfsa2008-60.html http://www.redhat.com/support/errata/RHSA-2008-1036.html http://ww