Page 59 of 784 results (0.012 seconds)

CVSS: 9.3EPSS: 91%CPEs: 3EXPL: 2

CVE-2020-26950 – Mozilla: Write side effects in MCallGetProperty opcode not accounted for

https://notcve.org/view.php?id=CVE-2020-26950

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2. En determinadas circunstancias, el opcode MCallGetProperty puede ser emitido con suposiciones no cumplidas, resultando en una condición de uso de la memoria previamente liberada explotable. Esta vulnerabilidad afecta a Firefox versiones anteriores a 82.0.3, Firefox ESR versiones anteriores a 78.4.1, y Thunderbird versiones anteriores a 78.4.2 • http://packetstormsecurity.com/files/166175/Firefox-MCallGetProperty-Write-Side-Effects-Use-After-Free.html https://bugzilla.mozilla.org/show_bug.cgi?id=1675905 https://www.mozilla.org/security/advisories/mfsa2020-49 https://access.redhat.com/security/cve/CVE-2020-26950 https://bugzilla.redhat.com/show_bug.cgi?id=1896306 https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/#CVE-2020-26950 https://www.sentinelone.com/labs/firefox-jit-use-after-frees-exploiting-cve-2020-26950 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2020-15683 – Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4

https://notcve.org/view.php?id=CVE-2020-15683

Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4. Los desarrolladores de Mozilla y los miembros de la comunidad informaron bugs de seguridad de la memoria presentes en Firefox versión 81 y Firefox ESR versión 78.3.&#xa0;Algunos de estos bugs mostraron evidencia de corrupción de la memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haber sido explotados para ejecutar código arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00062.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00074.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00077.html https://bugzilla.mozilla.org/buglist.cgi?bug_id=1576843%2C1656987%2C1660954%2C1662760%2C1663439%2C1666140 https://lists.debian.org/debian-lts-announce/2020/10/msg00027.html https://security.gentoo.org/glsa/202010 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2020-15670

https://notcve.org/view.php?id=CVE-2020-15670

Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80. Los desarrolladores de Mozilla reportaron de unos bugs de seguridad de la memoria presentes en Firefox para Android versión 79. Algunos de estos bugs han mostrado evidencia de corrupción de la memoria y suponemos que con suficiente esfuerzo algunos de ellos podrían haber sido explotados para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1651001%2C1653626%2C1656957 https://www.mozilla.org/security/advisories/mfsa2020-36 https://www.mozilla.org/security/advisories/mfsa2020-38 https://www.mozilla.org/security/advisories/mfsa2020-39 https://www.mozilla.org/security/advisories/mfsa2020-41 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free CWE-617: Reachable Assertion •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2020-15676 – Mozilla: XSS when pasting attacker-controlled data into a contenteditable element

https://notcve.org/view.php?id=CVE-2020-15676

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3. Firefox a veces ejecutaba el manejador de carga para elementos SVG que el saneador DOM decidió eliminar, resultando en que el JavaScript sea ejecutado después de pegar los datos controlados por el atacante en un elemento satisfactorio.&#xa0;Esta vulnerabilidad afecta a Firefox versiones anteriores a 81, Thunderbird versiones anteriores a 78.3, y Firefox ESR versiones anteriores a 78.3 The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00074.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00077.html https://bugzilla.mozilla.org/show_bug.cgi?id=1646140 https://lists.debian.org/debian-lts-announce/2020/10/msg00020.html https://security.gentoo.org/glsa/202010-02 https://www.debian.org/security/2020/dsa-4770 https://www.mozilla.org/security/advisories/mfsa2020-42 https://www.mozilla.org/security/advisories/mfsa2020-43 https://www.mozil • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2020-15678 – Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario

https://notcve.org/view.php?id=CVE-2020-15678

When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3. Al volver a recorrer las capas gráficas mientras se desplaza, es posible que un iterador pueda convertirse en no válido, resultando en un potencial uso de la memoria previamente liberada.&#xa0;Esto ocurre porque la función APZCTreeManager::ComputeClippedCompositionBounds no siguió las reglas de invalidación del iterador. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00074.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00077.html https://bugzilla.mozilla.org/show_bug.cgi?id=1660211 https://lists.debian.org/debian-lts-announce/2020/10/msg00020.html https://security.gentoo.org/glsa/202010-02 https://www.debian.org/security/2020/dsa-4770 https://www.mozilla.org/security/advisories/mfsa2020-42 https://www.mozilla.org/security/advisories/mfsa2020-43 https://www.mozil • CWE-416: Use After Free •