Page 95 of 744 results (0.016 seconds)

CVSS: 7.5EPSS: 3%CPEs: 12EXPL: 0

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment. Vulnerabilidad en la clase nsTArray_Impl en Mozilla Firefox en versiones anteriores a 40.0, Firefox ESR 38.x en versiones anteriores a 38.2 y Firefox OS en versiones anteriores a 2.2, podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado mediante el aprovechamiento de una autoasignación. • http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior. Vulnerabilidad en la función nsCSPHostSrc::permits en dom/security/nsCSPUtils.cpp en Mozilla Firefox en versiones anteriores a 40.0, no implementa excepciones de nivel 2 del Content Security Policy para el blob, los datos y el sistema de archivos de esquemas URL durante la búsqueda de coincidencia entre expresiones de código y el comodín, lo que podría facilitar a atacantes remotos realizar ataques de XSS mediante el aprovechamiento del comportamiento inesperado del cumplimiento de políticas. • http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://www.mozilla.org/security/announce/2015/mfsa2015-91.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1033247 http://www.ubuntu.com/usn/USN-2702-1 http://www.ubuntu.com/usn/USN-2702-2 http://www.ubuntu.com/usn/USN-2702-3 https://bugzilla.mozilla.org/show_ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 1%CPEs: 17EXPL: 0

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. Vulnerabilidad de desbordamiento de entero en la función make_filter_table en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.31.5, tal como es usado en Mozilla Firefox en versiones anteriores a 40.0 y Firefox ESR 38.x en versiones anteriores a 38.2 en Linux, Google Chrome en Linux y otros productos, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y caída de aplicación) a través de dimensiones bitmap manipuladas que no son manejadas correctamente durante el escalado.. An integer overflow, leading to a heap-based buffer overflow, was found in the way gdk-pixbuf, an image loading library for GNOME, scaled certain bitmap format images. An attacker could use a specially crafted BMP image file that, when processed by an application compiled against the gdk-pixbuf library, would cause that application to crash or execute arbitrary code with the permissions of the user running the application. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165703.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165730.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165732.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://lists.opensuse.org/opensuse • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 8.8EPSS: 89%CPEs: 49EXPL: 2

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. Vulnerabilidad en el lector de PDF en Mozilla Firefox en versiones anteriores a 39.0.3, Firefox ESR 38.x en versiones anteriores a 38.1.1 y Firefox OS en versiones anteriores a 2.2, permite a atacantes remotos eludir la Same Origin Policy y leer archivos arbitrarios u obtener privilegios a través de vectores que implican código JavaScript manipulado y un setter nativo, tal como se explotó activamente en agosto de 2015. A flaw was discovered in Mozilla Firefox that could be used to violate the same-origin policy and inject web script into a non-privileged part of the built-in PDF file viewer (PDF.js). An attacker could create a malicious web page that, when viewed by a victim, could steal arbitrary files (including private SSH keys, the /etc/passwd file, and other potentially sensitive files) from the system running Firefox. Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges. • https://www.exploit-db.com/exploits/37772 https://github.com/vincd/CVE-2015-4495 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://lists.opensuse.org/opensuse-security- •

CVSS: 6.8EPSS: 3%CPEs: 27EXPL: 0

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Múltiples vulnerabilidades de desbordamiento de entero en la función XML_GetBuffer en Expat hasta la versión 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros productos permite a atacantes remotos causar una denegación de servicio mediante un desbordamiento de buffer basado en memoria dinámica o, posiblemente tener otro impacto no especificado a través de datos XML manipulados, un tema relacionado con CVE-2015-2716. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •