Page 404 of 2521 results (0.062 seconds)

CVSS: 10.0EPSS: 10%CPEs: 205EXPL: 0

CVE-2010-0175 – Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-0175

Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items. Vulnerabilidad de uso después de la liberación (Use after free)en la implementación nsTreeSelection en Mozilla Firefox anteriores a v3.0.19 y v3.5.x anteriores a v3.5.9, Thunderbird anteriores a v3.0.4, y SeaMonkey anteriores a v2.0.4, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través de vectores no específicos que pueden provocar una llamada a ciertos gestores de de eventos. This vulnerability allows remote attackers to execute arbitrary code on software utilizing a vulnerable version of Mozilla's Firefox. User interaction is required in that the victim must visit a malicious website or be coerced into opening a malicious document. The specific flaw exists within how the application handles particular events for an nsTreeSelection element. Upon execution of a "select" event the application will access an element without checking to see if it's been previously freed or not. • http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038367.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038378.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038406.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/38566 http://secunia.com/advisories/39117 http://secunia.com/advisories/39136 http://secunia.com/advisories/39204 http://secunia.com/advisories/39240 http:&# • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 10.0EPSS: 43%CPEs: 144EXPL: 0

CVE-2010-0177 – Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-0177

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability." El objeto window.navigator.plugins en Mozilla Firefox anteriores a v3.0.19, 3.5.x anteriores a v3.5.9, y v3.6.x anteriores a v3.6.2, y SeaMonkey anteriores a v2.0.4, no gestiona adecuadamente la memoria durante la recarga de una pagina, lo que permite a atacantes remotos ejecutar código de forma arbitraria o producir una denegación de servicio (caída de aplicación) a través de vectores inespecíficos que inician el borrado de objetos referenciados, relacionado con la "vulnerabilidad de puntero colgado". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that a user must be coerced to viewing a malicious document. The specific flaw exists within the way the application implements the window.navigator.plugins array. Due to the application freeing the contents of the array while a reference to one of the elements is still being used, an attacker can utilize the free reference to call arbitrary code. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/38566 http://secunia.com/advisories/39117 http://secunia.com/advisories/39136 http://secunia.com/advisories/39240 http://secunia.com/advisories/39243 http://secunia.com/advisories/39308 http://secunia.com/advisories/39397 http://securitytracker.com/id?1023776 http://ubuntu.com/usn/usn-921-1 http://www.debian.org/security/2010/dsa-2027 http://www.mandriva.com/security&# • CWE-399: Resource Management Errors •

CVSS: 5.8EPSS: 0%CPEs: 78EXPL: 0

CVE-2010-1125 – firefox: keystrokes sent to hidden frame rather than visible frame due to javascript flaw

https://notcve.org/view.php?id=CVE-2010-1125

The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method. La implementación de JavaScript en Firefox versiones 3.x anteriores a 3.5.10 y versiones 3.6.x anteriores a 3.6.4, y SeaMonkey anterior a versión 2.0.5, de Mozilla, permite a los atacantes remotos enviar pulsaciones de teclas (keystrokes) seleccionadas en un campo de formulario en un marco oculto, en lugar del campo de formulario previsto en un marco visible, por medio de ciertas llamadas al método focus. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/security/advisories?name=MDVSA-2010:125 ht • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0

CVE-2010-1122

https://notcve.org/view.php?id=CVE-2010-1122

Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028. Vulnerabilidad no especificada en Mozilla Firefox 3.5.x hasta 3.5.8 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) y puede que tenga otros impactos que no se conozcan utilizando vectores que puede que formen parte de datos comprimidos. Se trata de una vulnerabilidad diferente a CVE-2010-1028. • http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 https://bugzilla.mozilla.org/show_bug.cgi?id=552216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12448 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 7%CPEs: 1EXPL: 1

CVE-2010-0164 – Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-0164

Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values. Vulnerabilidad uso después de la liberación (use-after-free) en la función imgContainer::InternalAddFrameHelper en src/imgContainer.cpp en libpr0n en Mozilla Firefox v3.6 anterior a v3.6.2 permite a atacantes remotos producir una denegación de servicio (corrupción de la memoria de la pila y caída de la aplicación) o posiblemente ejecución arbitraria de código a través de una animación multipart/x-mixed-replace en el que los frames tienen valores diferentes de bit por pixel (bpp). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the libpr0n library which is responsible for handling image caching and animation and is due to the way the application handles animations received from the server via the multipart/x-mixed-replace mimetype. During a case where the bits-per-pixel changes, the application will free a pointer and then can be made to reuse the freed pointer later. • http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 http://www.mozilla.org/security/announce/2010/mfsa2010-09.html http://www.securityfocus.com/archive/1/510535/100/0/threaded http://www.securityfocus.com/bid/38918 http://www.securityfocus.com/bid/38921 http://www.vupen.com/english/advisories/2010/0692 http://www.zerodayinitiative.com/advisories/ZDI-10-047 https://bugzilla.mozilla.org/show_bug.cgi?id=547143 https://oval.cisecurity.org/repository/search/definition/oval • CWE-399: Resource Management Errors •