Page 87 of 672 results (0.017 seconds)

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-9790 – Mozilla: Use-after-free when removing in-use DOM elements

https://notcve.org/view.php?id=CVE-2019-9790

A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. Podría ocurrir una vulnerabilidad de uso después de liberación de memoria cuando es obtenido un puntero raw al elemento DOM en una página empleando JavaScript y el elemento es eliminado mientras sigue en uso. Esto resulta en un cierre inesperado potencialmente explotable. • https://access.redhat.com/errata/RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:1144 https://bugzilla.mozilla.org/show_bug.cgi?id=1525145 https://www.mozilla.org/security/advisories/mfsa2019-07 https://www.mozilla.org/security/advisories/mfsa2019-08 https://www.mozilla.org/security/advisories/mfsa2019-11 https://access.redhat.com/security/cve/CVE-2019-9790 https://bugzilla.redhat.com/show_bug.cgi?id=1690675 • CWE-416: Use After Free •

CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-9793 – Mozilla: Improper bounds checks when Spectre mitigations are disabled

https://notcve.org/view.php?id=CVE-2019-9793

A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which the range analysis will infer a fully controlled, incorrect range in circumstances where users have explicitly disabled Spectre mitigations. *Note: Spectre mitigations are currently enabled for all users by default settings.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. Se encontró un mecanismo que elimina algunos límites para comprobar los accesos de cadenas, matrices o matrices escritas si se han deshabilitado las mitigaciones de Specter. • https://access.redhat.com/errata/RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:1144 https://bugzilla.mozilla.org/show_bug.cgi?id=1528829 https://www.mozilla.org/security/advisories/mfsa2019-07 https://www.mozilla.org/security/advisories/mfsa2019-08 https://www.mozilla.org/security/advisories/mfsa2019-11 https://access.redhat.com/security/cve/CVE-2019-9793 https://bugzilla.redhat.com/show_bug.cgi?id=1690678 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-18499 – Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs

https://notcve.org/view.php?id=CVE-2018-18499

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Una violación de una política del mismo origen permite el robo de entradas URL Cross-Origin cuando utiliza meta http-equiv="refresh" en una página para provocar un redireccionamiento a otro sitio utilizando performance.getEntries(). Esta es una violación de la política del mismo origen y podría permitir el robo de datos. • https://bugzilla.mozilla.org/show_bug.cgi?id=1468523 https://www.mozilla.org/security/advisories/mfsa2018-20 https://www.mozilla.org/security/advisories/mfsa2018-21 https://www.mozilla.org/security/advisories/mfsa2018-25 https://access.redhat.com/security/cve/CVE-2018-18499 https://bugzilla.redhat.com/show_bug.cgi?id=1849971 • CWE-346: Origin Validation Error CWE-829: Inclusion of Functionality from Untrusted Control Sphere •

CVSS: 5.3EPSS: 1%CPEs: 1EXPL: 0

CVE-2018-18509 – thunderbird: flaw in verification of S/MIME signature resulting in signature spoofing

https://notcve.org/view.php?id=CVE-2018-18509

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content. This vulnerability affects Thunderbird < 60.5.1. Un fallo durante la comprobación de ciertas firmas S/MIME produce correos electrónicos que se mostrarán en Thunderbird con una firma digital válida, incluso si el contenido del mensaje mostrado no está cubierto por la firma. El fallo le permite a un atacante reutilizar una firma S/MIME válida para poder elaborar un mensaje de correo electrónico con contenido arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html http://seclists.org/fulldisclosure/2019/Apr/38 http://www.openwall.com/lists/oss-security/2019/04/30/4 https://access.redhat.com/errata/RHSA-2019:1144 https://bugzilla.mozilla.org/show_bug.cgi?id=1507218 https://github.com/RUB-NDS/Johnny-You-Are-Fired https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.p • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 9.8EPSS: 28%CPEs: 18EXPL: 1

CVE-2018-18500 – Mozilla: Use-after-free parsing HTML5 stream

https://notcve.org/view.php?id=CVE-2018-18500

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65. Una vulnerabilidad de memoria previamente liberada puede ocurrir a la hora de analizar una transmisión HTML5 junto con elementos HTML personalizados. Esto resulta en la liberación del objeto de análisis de transmisión mientras está en uso, conduciendo potencialmente a un cierre inesperado explotable. • https://github.com/sophoslabs/CVE-2018-18500 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html http://www.securityfocus.com/bid/106781 https://access.redhat.com/errata/RHSA-2019:0218 https://access.redhat.com/errata/RHSA-2019:0219 https://access.redhat.com/errata/RHSA-2019:0269 https://access.redhat.com/errata/RHSA-2019:0270 https://lists.debian.org/debian-lts-announce/2019/01/msg00025.html https://lists.debian.org/debian-lts-announce/2019/02/msg00024 • CWE-416: Use After Free •