324 matches found
CVE-2019-11710
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 68...
UBUNTU-CVE-2019-11710
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 68...
CVE-2018-12406
Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 64...
CVE-2018-12405
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...
Mozilla Firefox and Firefox ESR Memory Misreference Vulnerability (CNVD-2018-25867)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A memory misreference vulnerability exists in Mozilla Firefox versions prior to 64 and Firefox ES...
UBUNTU-CVE-2018-5186
Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 61...
CVE-2018-5151
Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 60...
DEBIAN-CVE-2017-7826
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 57, Firefox ESR 52.5, and Thunderbird...
Debian DSA-3987-1 : firefox-esr - security update
Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site scripting or bypass of the phishing and malware...
Mozilla Firefox and Firefox ESR Memory Misreference Vulnerability (CNVD-2017-22580)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A memory misreference vulnerability exists in Mozilla Firefox versions prior to 55 and Firefox ES...
Mozilla Firefox and Firefox ESR Graphite 2 out-of-bounds read vulnerability (CNVD-2017-12546)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data mapping written i...
Mozilla Firefox Memory Misreference Vulnerability (CNVD-2017-04176)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Thunderbird is a mail tool adapted from the mail widget of the Mozilla browser. A memory misreference vulnerability exists in Mozilla Firefox, where when adding a range to an object in the DOM, the range...
Mozilla Firefox and Firefox ESR memory corruption vulnerability (CNVD-2016-02688)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A memory corruption vulnerability exists in the browser engines of Mozilla Firefox and Firefox ES...
Mozilla Firefox suffers from an unspecified memory corruption vulnerability (CNVD-2015-05435)
Mozilla Firefox is an open source WEB browser. An unspecified memory corruption vulnerability exists in Mozilla Firefox, which allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application or execute arbitrary code...
USN-2702-2 ubufox update
USN-2702-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox. Original advisory details: Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user wer...
CVE-2015-4489
The nsTArrayImpl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging a self assignment...
Buffer underflow during MP3 playback — Mozilla
Security researcher Atte Kettunen used the Address Sanitizer tool to discover a buffer underflow during audio playback of a badly formatted MP3 audio files. Through memory allocation manipulation it may be possible to incorporate parts of Firefox memory into an MP3 stream accessible to scripts on...
Debian DSA-2881-1 : iceweasel - security update
Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service...
CVE-2013-1684
Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a...
CVE-2011-2989
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code...