CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11014
https://notcve.org/view.php?id=CVE-2017-11014
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur. En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, mientras se analiza sintácticamente un Measurement Request IE en un Roam Neighbor Action Report, puede ocurrir una desbordamiento de búfer. • http://www.securityfocus.com/bid/101774 https://source.android.com/security/bulletin/2017-11-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11013
https://notcve.org/view.php?id=CVE-2017-11013
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound". En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, countOffset (en la función UnpackCore) se incrementa con cada bucle, ya que no hay ningún chequeo de límites en "ple->arraybound". • http://www.securityfocus.com/bid/101774 https://source.android.com/security/bulletin/2017-11-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2017-7826 – Mozilla: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 (MFSA 2017-25)
https://notcve.org/view.php?id=CVE-2017-7826
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. ... This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5. Se han informado de errores de seguridad de memoria en Firefox 56 y Firefox ESR 52.4. ... Esta vulnerabilidad afecta a las versiones anteriores a la 57 de Firefox, las versiones anteriores a la 52.5 de Firefox ESR y las versiones anteriores a la 52.5 de Thunderbird. • http://www.securityfocus.com/bid/101832 http://www.securitytracker.com/id/1039803 https://access.redhat.com/errata/RHSA-2017:3247 https://access.redhat.com/errata/RHSA-2017:3372 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1394530%2C1369561%2C1411458%2C1400003%2C1395138%2C1408412%2C1393840%2C1400763%2C1339259%2C1394265%2C1407740%2C1407751%2C1408005%2C1406398%2C1387799%2C1261175%2C1400554%2C1375146%2C1397811%2C1404636%2C1401804 https://lists.debian.org/debian-lts-announce/2017/11/msg00018.html https://lists.debian.org/de • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0CVE-2017-7828 – Mozilla: Use-after-free of PressShell while restyling layout (MFSA 2017-25)
https://notcve.org/view.php?id=CVE-2017-7828
This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5. ... Esta vulnerabilidad afecta a las versiones anteriores a la 57 de Firefox, las versiones anteriores a la 52.5 de Firefox ESR y las versiones anteriores a la 52.5 de Thunderbird. • http://www.securityfocus.com/bid/101832 http://www.securitytracker.com/id/1039803 https://access.redhat.com/errata/RHSA-2017:3247 https://access.redhat.com/errata/RHSA-2017:3372 https://bugzilla.mozilla.org/show_bug.cgi?id=1406750 https://bugzilla.mozilla.org/show_bug.cgi?id=1412252 https://lists.debian.org/debian-lts-announce/2017/11/msg00018.html https://lists.debian.org/debian-lts-announce/2017/12/msg00001.html https://www.debian.org/security/2017/dsa-4035 https:// • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7811
https://notcve.org/view.php?id=CVE-2017-7811
Memory safety bugs were reported in Firefox 55. ... This vulnerability affects Firefox < 56. Se han informado de errores de seguridad de memoria en Firefox 55. ... Esta vulnerabilidad afecta a las versiones anteriores a la 56 de Firefox. • http://www.securityfocus.com/bid/101057 http://www.securitytracker.com/id/1039465 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1392105%2C1395919%2C1388113%2C1348955%2C1394522%2C1387659%2C1369560%2C1388045%2C1378658%2C1379414%2C1385112%2C1367497 https://www.mozilla.org/security/advisories/mfsa2017-21 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •