CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2016-5262 – Mozilla: Scripts on marquee tag can execute in sandboxed iframes (MFSA 2016-76)
https://notcve.org/view.php?id=CVE-2016-5262
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 procesa atributos de controladores de eventos JavaScript de un elemento MARQUEE dentro de un elemento IFRAME aislado que carece de valor de atributo sandbox="allow-scripts", lo que facilita a atacantes remotos llevar a cabo ataques XSS a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-76.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 1CVE-2016-5264 – Mozilla: Use-after-free when applying SVG effects (MFSA 2016-79)
https://notcve.org/view.php?id=CVE-2016-5264
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application. Vulnerabilidad de uso después de liberación de memoria en la función nsNodeUtils::NativeAnonymousChildListChange en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria dinámica) a través de un elemento SVG que no se maneja correctamente durante el efecto de la aplicación. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-79.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2016-5254 – Mozilla: Use-after-free when using alt key and toplevel menus (MFSA 2016-70)
https://notcve.org/view.php?id=CVE-2016-5254
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items. Vulnerabilidad de uso después de liberación de memoria en la función nsXULPopupManager::KeyDown en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria dinámica y caída de aplicación) aprovechando acceso a teclado para usar la tecla Alt durante la selección de ítems del menú de nivel superior. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-70.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92261 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2016-5252 – Mozilla: Stack underflow during 2D graphics rendering (MFSA 2016-67)
https://notcve.org/view.php?id=CVE-2016-5252
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations. Desbordamiento inferior de búfer basado en pila en la función mozilla::gfx::BasePoint4d en Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos ejecutar código arbitrario a través de datos manipulados de gráficos en dos dimensiones que es manejado incorrectamente durante los cálculos clipping-región. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-67.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92261 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2016-5265 – Mozilla: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-80)
https://notcve.org/view.php?id=CVE-2016-5265
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory. Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 permite a atacantes remotos asistidos por usuario eludir el Same Origin Policy, y llevar a cabo ataques Universal XSS (UXSS) o leer archivos arbitrarios, disponiendo la presencia de un documento HTML manipulado y un archivo de acceso directo manipulado en el mismo directorio local. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.debian.org/security/2016/dsa-3640 http://www.mozilla.org/security/announce/2016/mfsa2016-80.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.securityfocus.com/bid/92258 http://www.securitytracker.com/id/1036508 http://www.ubuntu.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •