Page 67 of 495 results (0.017 seconds)

CVSS: 6.8EPSS: 2%CPEs: 8EXPL: 0

CVE-2016-2837 – Mozilla Firefox ClearKeyDecryptor Heap Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass. Desbordamiento de búfer basado en memoria dinámica en el ClearKey Content Decryption Module (CDM) en el Encrypted Media Extensions (EME) API en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 podría permitir a atacantes remotos ejecutar código arbitrario proporcionando un vídeo malformado y aprovechando un Gecko Media Plugin (GMP) sandbox bypass. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-77.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1706 – chromium-browser: sandbox escape in ppapi

https://notcve.org/view.php?id=CVE-2016-1706

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to broker_process_dispatcher.cc, ppapi_plugin_process_host.cc, ppapi_thread.cc, and render_frame_message_filter.cc. La implementación PPAPI en Google Chrome en versiones anteriores a 52.0.2743.82 no valida el origen de los mensajes IPC para el plugin del proceso broker que debería haber llegado desde el proceso navegador, lo que permite a atacantes remotos eludir un mecanismo de protección sandbox a través de un tipo de mensaje inesperado, relacionado con broker_process_dispatcher.cc, ppapi_plugin_process_host.cc, ppapi_thread.cc y render_frame_message_filter.cc. • http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html http://rhn.redhat.com/errata/RHSA-2016-1485.html http://www.debian.org/security/2016/dsa-3637 http://www.securitytracker.com • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 0%CPEs: 18EXPL: 0

CVE-2016-1443

https://notcve.org/view.php?id=CVE-2016-1443

The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample. La pila de red virtual en dispositivos Cisco AMP Threat Grid Appliance en versiones anteriores a 2.1.1 permite a atacantes remotos eludir el mecanismo de protección sandbox y consecuentemente obtener información sensible de interprocesos o modificar datos de interprocesos, a través de una muestra de malware manipulada. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-tg • CWE-254: 7PK - Security Features •

CVSS: 9.3EPSS: 23%CPEs: 3EXPL: 0

CVE-2016-3211 – Microsoft Internet Explorer PerformDoDragDrop Protected Mode Sandbox Escape Vulnerability

https://notcve.org/view.php?id=CVE-2016-3211

An attacker who has gained code execution within the Internet Explorer Protected Mode sandbox can leverage this method to place a malicious executable file in any location to which the user has write access. • http://www.securitytracker.com/id/1036096 http://www.zerodayinitiative.com/advisories/ZDI-16-366 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1797 – Apple OS X fontd Sandbox Escape Vulnerability

https://notcve.org/view.php?id=CVE-2016-1797

Apple Type Services (ATS) in Apple OS X before 10.11.5 allows attackers to bypass intended FontValidator sandbox-policy restrictions and execute arbitrary code in a privileged context via a crafted app. Apple Type Services (ATS) en Apple OS X en versiones anteriores a 10.11.5 permite a atacantes eludir las restricciones de política de sandbox destinadas a FontValidator y ejecutar código arbitrario en un contexto privilegiado a través de una app manipulada. ... Authentication is not required to exploit this vulnerability. The specific flaw exists within the sandbox policy for the fontd process. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code outside the context of the Safari sandbox. • http://lists.apple.com/archives/security-announce/2016/May/msg00004.html http://www.securityfocus.com/bid/90696 http://www.securitytracker.com/id/1035895 http://www.zerodayinitiative.com/advisories/ZDI-16-360 https://support.apple.com/HT206567 • CWE-284: Improper Access Control •