CVSS: 4.3EPSS: 1%CPEs: 165EXPL: 0CVE-2012-0479 – Mozilla: Potential site identity spoofing when loading RSS and Atom feeds (MFSA 2012-33)
https://notcve.org/view.php?id=CVE-2012-0479
Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. Mozilla Firefox v4.x hasta v11.0, Firefox ESR v10.x antes de v10.0.4, Thunderbird v5.0 hasta v11.0, Thunderbird ESR v10.x antes de v10.0.4, y SeaMonkey antes de v2.9 permite a atacantes remotos falsificar la barra de dirección a través de una URL https hacia contenido no válido (1) RSS o (2) Atom XML. • http://secunia.com/advisories/48920 http://secunia.com/advisories/48922 http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 http://www.debian.org/security/2012/dsa-2457 http://www.debian.org/security/2012/dsa-2458 http://www.debian.org/security/2012/dsa-2464 http://www.mandriva.com/security/advisories?name=MDVSA-2012:066 http://www.mandriva.com/security/advisories?name=MDVSA-2012:081 http://www.mozilla.org/security •
CVSS: 6.8EPSS: 2%CPEs: 6EXPL: 0CVE-2011-3062 – Mozilla: Off-by-one error in OpenType Sanitizer (MFSA 2012-31)
https://notcve.org/view.php?id=CVE-2011-3062
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. Error de tipo "Off-by-one" en OpenType Sanitizer en Google Chrome anterior a v18.0.1025.142 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un archivo modificado de OpenType. • http://code.google.com/p/chromium/issues/detail?id=116524 http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html http://osvdb.org/80740 http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advisories/48763 http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:066 http://www.mandriva.com/secu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-682: Incorrect Calculation •
CVSS: 6.8EPSS: 0%CPEs: 271EXPL: 0CVE-2011-2983 – Mozilla: Private data leakage using RegExp.input
https://notcve.org/view.php?id=CVE-2011-2983
Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free. Firefox anterior a versión 3.6.20, Thunderbird versiones 2.x y versiones 3.x anteriores a 3.1.12, SeaMonkey versiones 1.x y 2.x, y posiblemente otros productos de Mozilla, no manejan apropiadamente la propiedad RegExp.input, lo que permite a los atacantes remotos omitir la Política del Mismo Origen y leer datos de un dominio diferente por medio de un sitio web diseñado, posiblemente relacionado con un uso de memoria previamente liberada. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html http://www.debian.org/security/2011/dsa-2295 http://www.debian.org/security/2011/dsa-2296 http://www.debian.org/security/2011/dsa-2297 http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 http://www.mozilla.org/security/announce/2011/mfsa2011-30.html http://www.redhat.com/support/errata/RHSA-2011-1164.html http://ww • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 210EXPL: 0CVE-2011-2984 – Mozilla: Privilege escalation dropping a tab element in content area
https://notcve.org/view.php?id=CVE-2011-2984
Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events. Firefox anterior a versión 3.6.20, SeaMonkey versiones 2.x, Thunderbird versiones 3.x anteriores a 3.1.12, y posiblemente otros productos de Mozilla, no manejan apropiadamente la caída de un elemento de pestaña, que permite a los atacantes remotos ejecutar código JavaScript arbitrario con privilegios de chrome al establecer un área de contenido y registrando eventos de caída. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html http://www.debian.org/security/2011/dsa-2295 http://www.debian.org/security/2011/dsa-2296 http://www.debian.org/security/2011/dsa-2297 http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 http://www.mozilla.org/security/announce/2011/mfsa2011-30.html http://www.redhat.com/support/errata/RHSA-2011-1164.html https://b • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 76%CPEs: 208EXPL: 0CVE-2011-2378 – Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2378
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer." La función appendChild en Firefox anterior a versión 3.6.20, Thunderbird versiones 3.x anteriores a 3.1.12, SeaMonkey versiones 2.x, y posiblemente otros productos de Mozilla, no maneja apropiadamente objetos DOM, lo que permite a los atacantes remotos ejecutar código arbitrario por medio de vectores no especificados que conlleva al desreferenciado de un "dangling pointer” This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw results when .setUserData() handlers are used with an object and .appendChild() is called within a handler. Ultimately the import operation resulting from an .appendChild() is not guarded from mutation, and invalid DOM trees can result. Invalid DOM trees can be navigated resulting in dereferencing invalid pointers which can be leveraged to execute arbitrary code in the context of the browser. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html http://www.debian.org/security/2011/dsa-2295 http://www.debian.org/security/2011/dsa-2296 http://www.debian.org/security/2011/dsa-2297 http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 http://www.mozilla.org/security/announce/2011/mfsa2011-30.html http://www.redhat.com/support/errata/RHSA-2011-1164.html http://ww • CWE-94: Improper Control of Generation of Code ('Code Injection') •