Page 7 of 345 results (0.020 seconds)

CVSS: 5.0EPSS: 2%CPEs: 10EXPL: 0

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. El método crypto.generateCRMFRequest en Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 no valida debidamente cierto tipo de clave, lo que permite a atacantes remotos causar una denegación de servicio (caída de aplicación) a través de vectores que provocan la generación de una clave que soporta el algoritmo Elliptic Curve ec-dual-use. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-18.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=935618 https://s • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 9.8EPSS: 95%CPEs: 26EXPL: 2

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permiten a atacantes remotos evadir el bloqueo de ventanas emergentes a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pop-up blocker. The issue lies in the ability to forward calls to an unloaded window. • https://www.exploit-db.com/exploits/34448 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://rhn.redhat.com/errata/RHSA-2014-0310.html http://rhn.redhat.com/errata/RHSA-2014-0316.html http://www.debian.org/security/2014/dsa-2881 http&# • CWE-269: Improper Privilege Management •

CVSS: 2.6EPSS: 0%CPEs: 10EXPL: 0

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart. La funcionalidad session-restore en Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 no considera Content Security Policy de un dato: URL, lo que facilita a atacantes remotos realizar ataques de XSS a través de un documento manipulado que es accedido después de un reinicio de navegador. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-23.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=911547 https://s • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 92%CPEs: 26EXPL: 1

Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects. Vulnerabilidad de uso después de liberación en la clase TypeObject en el motor JavaScript en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos ejecutar código arbitrario mediante el aprovechamiento del consumo de memoria extensivo mientras la recolección de basura está ocurriendo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypeObjects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. • http://archives.neohapsis.com/archives/bugtraq/2014-03/0145.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://rhn.redhat.com/errata/RHSA-2014-0310.html http://rhn.redhat.com/errata/RHSA-2014-0316.html http://www.debian.org/security&# • CWE-416: Use After Free •

CVSS: 9.3EPSS: 1%CPEs: 26EXPL: 1

TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site. TypedArrayObject.cpp en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 no previene una transición de longitud cero durante el uso de un objeto ArrayBuffer, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (escritura o lectura basado en memoria dinámica fuera de de rango) a través de un sitio web manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ArrayBuffer objects. The issue lies in improper handling when neutering an ArrayBuffer object. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://rhn.redhat.com/errata/RHSA-2014-0310.html http://rhn.redhat.com/errata/RHSA-2014-0316.html http://www.debian.org/security/2014/dsa-2881 http://www.debian.org/security/2014/dsa-2911 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •