CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2016-1908 – openssh: possible fallback from untrusted to trusted X11 forwarding
https://notcve.org/view.php?id=CVE-2016-1908
22 Mar 2016 — The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. El cliente en OpenSSH en versiones anteriores a 7.2 no maneja correctamente falló en la generación de cookies para el reenvío... • http://openwall.com/lists/oss-security/2016/01/15/13 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 2%CPEs: 22EXPL: 0CVE-2016-1954 – Mozilla: Local file overwriting and potential privilege escalation through CSP reports (MFSA 2016-17)
https://notcve.org/view.php?id=CVE-2016-1954
09 Mar 2016 — The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. La función nsCSPContext::SendReports en dom/security/nsCSPContext.cpp en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 3... • http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 4%CPEs: 22EXPL: 0CVE-2016-2802 – graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
https://notcve.org/view.php?id=CVE-2016-2802
09 Mar 2016 — The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. La función graphite2::TtfUtil::CmapSubtable4NextCodepoint en Graphite 2 en versiones anteriores a 1.3.6, como se utiliza en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 38.x en versiones... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 22EXPL: 0CVE-2016-2792 – graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
https://notcve.org/view.php?id=CVE-2016-2792
09 Mar 2016 — The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800. La función graphite2::Slot::getAttr en Slot.cpp en Graphite 2 en versiones anteriores a 1.3.6, como se utiliza en Mozilla Firefox en versiones anteriores a 45.0 y Fir... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 18EXPL: 0CVE-2016-1962 – Mozilla: Use-after-free when using multiple WebRTC data channels (MFSA 2016-25)
https://notcve.org/view.php?id=CVE-2016-1962
09 Mar 2016 — Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections. Vulnerabilidad de uso después de liberación de memoria en la función mozilla::DataChannelConnection::Close en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 38.x en versiones anteriores a 38.7 permite a atacantes remotos ejecutar código ar... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 4%CPEs: 22EXPL: 0CVE-2016-2798 – graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
https://notcve.org/view.php?id=CVE-2016-2798
09 Mar 2016 — The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. La función graphite2::GlyphCache::Loader::Loader en Graphite 2 en versiones anteriores a 1.3.6, como se utiliza en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 38.x en versiones anteriores a 38.7... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 22EXPL: 0CVE-2016-1952 – Mozilla: Miscellaneous memory safety hazards (rv:38.7) (MFSA 2016-16)
https://notcve.org/view.php?id=CVE-2016-1952
09 Mar 2016 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el navegador en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 38.x en versiones anteriores a 38.7 permite a atacantes remotos causar una denegación de servicio (corrupción de la... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 22EXPL: 0CVE-2016-2795 – graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
https://notcve.org/view.php?id=CVE-2016-2795
09 Mar 2016 — The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font. La función graphite2::FileFace::get_table_fn en Graphite 2 en versiones anteriores a 1.3.6, como se utiliza en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ES... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-19: Data Processing Errors •
CVSS: 8.8EPSS: 3%CPEs: 22EXPL: 0CVE-2016-2797 – graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
https://notcve.org/view.php?id=CVE-2016-2797
09 Mar 2016 — The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801. La función graphite2::TtfUtil::CmapSubtable12Lookup en Graphite 2 en versiones anteriores a 1.3.6, como se utiliza en Mozilla Firefox en versiones anteriores a 45... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 22EXPL: 0CVE-2016-2793 – graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
https://notcve.org/view.php?id=CVE-2016-2793
09 Mar 2016 — CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. CachedCmap.cpp en Graphite 2 en versiones anteriores a 1.3.6, como se utiliza en Mozilla Firefox en versiones anteriores a 45.0 y Firefox ESR 38.x en versiones anteriores a 38.7, permite a atacantes remotos causar una denegación de servicio (sobre... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •