CVE-2011-0054 – Mozilla Buffer overflow in JavaScript upvarMap (MFSA 2011-04)
https://notcve.org/view.php?id=CVE-2011-0054
Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue. Desbordamiento de búfer en el motor JavaScript de Mozilla Firefox antes de v3.5.17 y v3.6.x antes de v3.6.14, y SeaMonkey antes de v2.0.12, podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores con variables JavaScript no locales. También conocido como el problema "upvarMap". • http://downloads.avaya.com/css/P8/documents/100133195 http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mozilla.org/security/announce/2011/mfsa2011-04.html http://www.securityfocus.com/bid/46648 https://bugzilla.mozilla.org/show_bug.cgi?id=615657 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14018 https://access.redhat.com/security/cve/CVE-2011-0054 https://bugzilla.redhat.com/show_bug.cgi?id=675091 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0056 – Mozilla Buffer overflow in JavaScript atom map (MFSA 2011-05)
https://notcve.org/view.php?id=CVE-2011-0056
Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an "atom map" issue. Vulnerabilidad de desbordamiento de buffer en el motor Javascript de Mozilla Firefox antes de v3.5.17 y v3.6.x antes de v3.6.14, y SeaMonkey antes de v2.0.12, podría permitir a atacantes remotos ejecutar código de su elección a través de vectores relacionados con la temporización de las excepciones y un gran número de valores de cadena. También conocido como un problema "mapa átomo". • http://downloads.avaya.com/css/P8/documents/100133195 http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mozilla.org/security/announce/2011/mfsa2011-05.html http://www.securityfocus.com/bid/46650 https://bugzilla.mozilla.org/show_bug.cgi?id=622015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14013 https://access.redhat.com/security/cve/CVE-2011-0056 https://bugzilla.redhat.com/show_bug.cgi?id=675092 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0055 – Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0055
Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection. Vulnerabilidad de uso después de liberación de memoria en el método JSON.stringify en js3250.dll en Mozilla Firefox en versiones anteriores a 3.5.17 y 3.6.x en versiones anteriores a 3.6.14 y SeaMonkey en versiones anteriores a 2.0.12, podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores inespecificos relacionados con la función js_HasOwnProperty y garbage collection. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within js3250.dll. In the JSON.stringify() call chain js_HasOwnProperty() is called with an invalid pointer. • http://downloads.avaya.com/css/P8/documents/100133195 http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mozilla.org/security/announce/2011/mfsa2011-03.html http://www.securityfocus.com/archive/1/516802 http://www.securityfocus.com/bid/46661 http://www.zerodayinitiative.com/advisories/ZDI-11-103 https://bugzilla.mozilla.org/show_bug.cgi?id=616009 https://bugzilla.mozilla.org/show_bug.cgi?id=619255 https://oval.cisecurity.org/repository/search/definition/oval% • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVE-2010-2764 – Mozilla Information leak via XMLHttpRequest statusText (MFSA 2010-63)
https://notcve.org/view.php?id=CVE-2010-2764
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests. Mozilla Firefox anterior a v3.5.12 y v3.6.x anterior a v3.6.9, Thunderbird anterior a v3.0.7 y v3.1.x anterior a v3.1.3, SeaMonkey anterior a v2.0.7 no restringe correctamente el acceso de lectura a la propiedad statusText de los objetos XMLHttpRequest, permitiendo a atacantes remotos descubrir la existencia de servidores Web de Intranet a través de peticiones cruzadas de origen. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://secunia.com/advisories/42867 http://support.avaya.com/css/P8/documents/100112690 http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 http://www.mozilla.org/security/announce/2010/mfsa2010-63.html http://www.securityfocus.com/bid/43104 http:/ • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2010-3166 – nsTextFrameUtils:: TransformText (MFSA 2010-53)
https://notcve.org/view.php?id=CVE-2010-3166
Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run. Desbordamiento de búfer basado en memoria dinámica en la función nsTextFrameUtils::TransformText en Mozilla Firefox anterior a v3.5.12 y v3.6.x anterior a v3.6.9, Thunderbird anterior a v3.0.7 y v3.1.x anterior a v3.1.3, y SeaMonkey anterior a v2.0.7 podría permitir a atacantes remotos ejecutar código arbitrario a través de un recorrido de texto bidireccional. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://secunia.com/advisories/42867 http://support.avaya.com/css/P8/documents/100112690 http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 http://www.mozilla.org/security/announce/2010/mfsa2010-53.html http://www.securityfocus.com/bid/43102 http:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •