CVSS: 9.8EPSS: 4%CPEs: 18EXPL: 1CVE-2017-5439 – Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5439
20 Apr 2017 — A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de uso de memoria previamente liberada durante el procesamiento XSLT debido a la mala gestión de parámetros de plantilla. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/103053 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 3%CPEs: 18EXPL: 1CVE-2017-5440 – Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5440
20 Apr 2017 — A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de uso de memoria previamente liberada durante el procesamiento XSLT debido al error para propagar condiciones de error durante el proceso de b... • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 3%CPEs: 18EXPL: 1CVE-2017-5441 – Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5441
20 Apr 2017 — A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de uso de memoria previamente liberada al mantener una selección durante los eventos de desplazamiento. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 3%CPEs: 18EXPL: 0CVE-2017-5442 – Mozilla: Use-after-free during style changes (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5442
20 Apr 2017 — A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de uso de memoria previamente liberada durante los cambios de estilo al manipular elementos DOM. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/97940 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 3%CPEs: 18EXPL: 1CVE-2017-5443 – Mozilla: Out-of-bounds write during BinHex decoding (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5443
20 Apr 2017 — An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de escritura fuera de límites al descodificar archivos de formato BinHex creados incorrectamente. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.1, Firefox ESR en versiones anteriores a la 45.9, Firefox en versiones anteriores a la 52.1 y Firefox en versiones anteriores a l... • http://www.securityfocus.com/bid/97940 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 4%CPEs: 18EXPL: 0CVE-2017-5444 – Mozilla: Buffer overflow while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5444
20 Apr 2017 — A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad de desbordamiento de búfer al analizar contenido de formato "application/http-index-format" cuando la cabecera contiene datos formateados incorrectamente. Esto permite la lectura fuera de ... • http://www.securityfocus.com/bid/97940 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 18EXPL: 1CVE-2017-5445 – Mozilla: Uninitialized values used while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5445
20 Apr 2017 — A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Vulnerabilidad al analizar contenido de formato "application/http-index-format" en el que se emplean variables no inicializadas para crear un array. Esto podría permitir la lectura de memoria no ... • http://www.securityfocus.com/bid/97940 • CWE-129: Improper Validation of Array Index •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 1CVE-2017-5446 – Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5446
20 Apr 2017 — An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Lectura fuera de límites cuando una conexión HTTP/2 a un servidor envía frames "DATA" con contenido data erróneo. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/97940 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 28%CPEs: 18EXPL: 3CVE-2017-5447 – Mozilla Firefox < 53 - 'gfxTextRun' Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-5447
20 Apr 2017 — An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Lectura fuera de límites durante el procesamiento de anchos de glifo durante el diseño de texto. Esto resulta en un cierre inesperado potencialmente explotable y podría permitir que un atacante lea datos de la me... • https://packetstorm.news/files/id/142668 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 2%CPEs: 16EXPL: 0CVE-2017-5449 – Mozilla: Crash during bidirectional unicode manipulation with animation (MFSA 2017-11, MFSA 2017-12)
https://notcve.org/view.php?id=CVE-2017-5449
20 Apr 2017 — A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. Cierre inesperado posiblemente explotable desencadenado durante el diseño y manipulación de texto unicode bidireccional junto con animaciones CSS. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.1, Firefox ESR en versiones anteriores a la 52.1 y Firefox en versiones anter... • http://www.securityfocus.com/bid/97940 • CWE-20: Improper Input Validation •