Page 88 of 529 results (0.041 seconds)

CVSS: 9.3EPSS: 6%CPEs: 100EXPL: 0

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificados en el motor JavaScript en Mozilla Firefox v3.5.x anterior v3.5.10 y v3.6.x anterior v3.6.4, Thunderbird anterior v3.0.5, y SeaMonkey anterior v2.0.5 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de programa) o probablemente ejecutar código de su elección a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40323 http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/ •

CVSS: 9.3EPSS: 18%CPEs: 100EXPL: 0

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow. Desbordamiento de enteros en la función GenericDOMDataNode::SetTextInternal en Mozilla Firefox v3.5.x anterior v3.5.10 y v3.6.x anterior v3.6.4, Thunderbird anterior v3.0.5, y SeaMonkey anterior v2.0.5 permite a atacantes remotos ejecutar código de su elección a través de un nodo DOM con un valor de texto largo que provoca un desbordamiento de búfer basado en la memoria dinámica • http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40323 http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css/P8/documents/100091069 http://ubuntu.com/usn/usn-930-1 http://www.mandriva.com/ • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 77%CPEs: 100EXPL: 3

Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node. Desbordamiento de enteros en la implementación del nodo de ordenación XSLT en Mozilla Firefox v3.5.x anterior v3.5.10 y v3.6.x anterior v3.6.4, Thunderbird anterior v3.0.5, y SeaMonkey anterior v2.0.5 permite a atacantes remotos ejecutar código de su elección a través de un valor de texto largo para el nodo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or otherwise render a malicious file. The specific flaw exists within a particular XSLT transformation when applied to an XML document. If a large number of elements have this transformation applied to them, the application will misallocate a buffer. • https://www.exploit-db.com/exploits/34192 https://www.exploit-db.com/exploits/14949 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html http://secunia.com/advisories/40323 http://secunia.com/advisories/40326 http://secunia.com/advisories/40401 http://secunia.com/advisories/40481 http://support.avaya.com/css& • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 9.3EPSS: 2%CPEs: 238EXPL: 1

The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element. El método nsIScriptableUnescapeHTML.parseFragment en el mecanismo de protección ParanoidFragmentSink en Mozilla Firefox en versiones anteriores a 3.5.17 y 3.6.x en versiones anteriores a 3.6.14, Thunderbird en versiones anteriores a 3.1.8 y SeaMonkey en versiones anteriores a 2.0.12 no desinfecta adecuadamente HTML en un documento chrome, lo que hace más fácil a atacantes remotos ejecutar JavaScript arbitrario con privilegios de chrome a través de un javascript: URI en entrada a una extensión, como se demuestra por una secuencia javascript:alert en el atributo (1) HREF de un elemento A o el atributo (2) ACTION de un elemento FORM. • http://downloads.avaya.com/css/P8/documents/100133195 http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mandriva.com/security/advisories?name=MDVSA-2011:042 http://www.mozilla.org/security/announce/2011/mfsa2011-08.html http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf http://www.securityfocus.com/archive/1/510883/100/0/threaded https://bug • CWE-20: Improper Input Validation •

CVSS: 7.6EPSS: 2%CPEs: 144EXPL: 0

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL. Mozilla Firefox anteriores a v3.0.19, 3.5.x anteriores a v3.5.9, y v3.6.x anteriores a v3.6.2, y SeaMonkey anteriores a v2.0.4, no impide que los applets interpreten los clicks del ratón como acciones drag-and-drop, lo que permite a atacantes remotos ejecutar JavaScript arbitrario con privilegios chrome mediante la carga de un chrome: URL cuando se carga un JavaScript : URL. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/39136 http://secunia.com/advisories/39240 http://secunia.com/advisories/39243 http://secunia.com/advisories/39308 http://secunia.com/advisories/39397 http://securitytracker.com/id?1023776 http://ubuntu.com/usn/usn-921-1 http://www.debian.org/security/2010/dsa-2027 http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 http://www.mozilla.org/security/announce/201 • CWE-94: Improper Control of Generation of Code ('Code Injection') •