NotCVE - vendor:"Mozilla" product:"Firefox" version:"17.0.2"

Page 96 of 1660 results (0.029 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-5471 – Ubuntu Security Notice USN-3315-1

https://notcve.org/view.php?id=CVE-2017-5471

15 Jun 2017 — Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54. Se han reportado errores de seguridad de memoria en Firefox 53. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://www.securityfocus.com/bid/99042 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

CVE-2017-7762 – Mozilla: address bar username and password spoofing in reader mode

https://notcve.org/view.php?id=CVE-2017-7762

15 Jun 2017 — When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54. Al acceder a él directamente, Reader Mode no eliminó la sección de nombre de usuario y contraseña de las URL mostradas en la barra de direcciones. Esto puede emplearse para suplantar el dominio de la página actual. • http://www.securityfocus.com/bid/99047 • CWE-20: Improper Input Validation CWE-290: Authentication Bypass by Spoofing •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1

CVE-2017-7776 – graphite2: heap-buffer-overflow read "graphite2::Silf::getClassGlyph"

https://notcve.org/view.php?id=CVE-2017-7776

14 Jun 2017 — Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph. La librería Graphite2, en versiones de Firefox anteriores a la 54, es vulnerable a un desbordamiento de búfer de lectura basado en memoria dinámica en graphite2::Silf::getClassGlyph. An out of bounds read flaw related to "graphite2::Silf::getClassGlyph" has been reported in graphite2. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. ... • https://www.mozilla.org/en-US/security/advisories/mfsa2017-15 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0

CVE-2017-5472 – Mozilla: Use-after-free using destroyed node when regenerating trees (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-5472

14 Jun 2017 — A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Vulnerabilidad de uso de memoria previamente liberada en el frameloader durante la reconstrucción de árboles cuando se regenera el diseño CSS al intentar emplear un nodo en el árbol que ya no existe. Esto... • http://www.securityfocus.com/bid/99040 • CWE-416: Use After Free •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1

CVE-2017-7771 – graphite2: out of bounds read in "graphite2::Pass::readPass"

https://notcve.org/view.php?id=CVE-2017-7771

14 Jun 2017 — Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function. Lectura fuera de límites en la librería Graphite2 para versiones de Firefox anteriores a la 54 en la función graphite2::Pass::readPass. An out of bounds read flaw related to "graphite2::Pass::readPass" has been reported in graphite2. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. Multiple security issues were discovered in Firefox. • https://bugzilla.redhat.com/show_bug.cgi?id=1472212 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2017-7772 – graphite2: heap-buffer-overflow write "lz4::decompress" (CVE-2017-7772)

https://notcve.org/view.php?id=CVE-2017-7772

14 Jun 2017 — Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function. Desbordamiento de búfer basado en memoria dinámica (heap) en Graphinte2 en versiones de Firefox anteriores a la 54 en lz4::decompress function. A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. Multiple security issues were discovered in Firefox. • https://www.mozilla.org/en-US/security/advisories/mfsa2017-15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 1

CVE-2017-7751 – Mozilla: Use-after-free with content viewer listeners (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-7751

14 Jun 2017 — A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Vulnerabilidad de uso de memoria previamente liberada en los escuchadores del visor de contenido que resulta en un cierre inesperado potencialmente explotable. La vulnerabilidad afecta a Firefox en versiones anteriores a la 54, Firefox ESR en versiones anteriores a la 52.2 y Thunderbird en versiones anteriores a la ... • http://www.securityfocus.com/bid/99057 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2017-7773 – graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

https://notcve.org/view.php?id=CVE-2017-7773

14 Jun 2017 — Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor. La librería Graphite2, en versiones de Firefox anteriores a la 54, es vulnerable a un desbordamiento de búfer de escritura basado en memoria dinámica en lz4::decompress src/Decompressor. A heap-based buffer overflow flaw related to "lz4::decompress" (src/Decompressor) has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. Multipl... • https://www.mozilla.org/en-US/security/advisories/mfsa2017-15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2017-7757 – Mozilla: Use-after-free in IndexedDB (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-7757

14 Jun 2017 — A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Vulnerabilidad de uso de memoria previamente liberada en IndexedDB cuando uno de sus objetos se destruye en la memoria mientras un método se sigue ejecutando dentro. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/99057 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2017-7756 – Mozilla: Use-after-free and use-after-scope logging XHR header errors (MFSA 2017-16)

https://notcve.org/view.php?id=CVE-2017-7756

14 Jun 2017 — A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. Vulnerabilidad de uso de memoria previamente liberada y "use-after-scope" al registrar errores de las cabeceras XHR (XML HTTP Request). Esto podría resultar en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/99057 • CWE-416: Use After Free •

1...94 95 96 97 98