Page 7 of 36 results (0.012 seconds)

CVSS: 4.3EPSS: 0%CPEs: 30EXPL: 1

The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object. La implementación de en el motor de navegación en Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, Thunderbird anterior a 17.0.2, Thunderbird ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, y SeaMonkey anterior a 2.15, facilita a atacantes remotos evitar los mecanismos de protección ASLR mediante la llamada a la función toString de un objeto XBL. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://rhn.redhat.com/errata/RHSA-2013-0144.html http://rhn.redhat.com/errata/RHSA-2013-0145.html http://www.mozilla.org/security/announce/2013/mfsa2013-11.html http://www.ubuntu.com/usn/USN • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 3%CPEs: 30EXPL: 0

Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects. Vulnerabilidad de uso después de la liberación en la implementación del ListenerManager en Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, Thunderbird anterior a 17.0.2, Thunderbird ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, y SeaMonkey anterior a 2.15, permite a atacantes remotos ejecutar códifo arbitrario a través de vectores que involucran el lanzamiento de colecciones de basura después de una asignación de memoria para los objetos "listener". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of ListenerManager event listeners. A dangling pointer can be created if a listener frees another listener. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://rhn.redhat.com/errata/RHSA-2013-0144.html http://rhn.redhat.com/errata/RHSA-2013-0145.html http://www.mozilla.org/security/announce/2013/mfsa2013-17.html http://www.ubuntu.com/usn/USN • CWE-416: Use After Free •

CVSS: 9.3EPSS: 1%CPEs: 30EXPL: 0

Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups. Vulnerabilidad de liberación después de uso en la función TableBackgroundPainter::TableBackgroundData::Destroy en Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, Thunderbird anterior a 17.0.2, Thunderbird ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, y SeaMonkey anterior a 2.15, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria dinámica) a través de un documento HTML con una tabla que contiene multitud de columnas y grupos de estas. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://rhn.redhat.com/errata/RHSA-2013-0144.html http://rhn.redhat.com/errata/RHSA-2013-0145.html http://www.mozilla.org/security/announce/2013/mfsa2013-05.html http://www.ubuntu.com/usn/USN • CWE-416: Use After Free •

CVSS: 9.3EPSS: 96%CPEs: 30EXPL: 1

Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content. Vulnerabilidad de uso después de la liberación en la implementación del serializeToStream en el componente XMLSerializer en Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, Thunderbird anterior a 17.0.2, Thunderbird ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, y SeaMonkey anterior a 2.15, permite a atacantes remotos ejecutar código arbitrario a través de un contenido web modificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XML serialization of the DOM. A certain method used during serialization is provided by the user and can be made to create a dangling pointer. • https://www.exploit-db.com/exploits/27940 http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://rhn.redhat.com/errata/RHSA-2013-0144.html http://rhn.redhat.com/errata/RHSA-2013-0145.html http://www.mozilla.org/security/announce/2013/mfsa2013 • CWE-416: Use After Free •

CVSS: 9.3EPSS: 1%CPEs: 30EXPL: 0

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection. Mozilla Firefox anterior a 18.0, Firefox ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, Thunderbird anterior a 17.0.2, Thunderbird ESR 10.x anterior a 10.0.12 y 17.x anterior a 17.0.2, y SeaMonkey anterior a 2.15, no implementa adecuadamente quickstubs que utiliza el tipo de dato jsval en las variables de retorno, lo que permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de aplicación y desajuste del compartimiento) a través de código JavaScrip manipulado que no está manejado adecuadamente durante la recolección de basura. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://rhn.redhat.com/errata/RHSA-2013-0144.html http://rhn.redhat.com/errata/RHSA-2013-0145.html http://www.mozilla.org/security/announce/2013/mfsa2013-09.html http://www.ubuntu.com/usn/USN •