Lucene search
K

38 matches found

Tenable Nessus
Tenable Nessus
added 2019/09/09 12:0 a.m.48 views

Oracle Linux 8 : firefox (ELSA-2019-2663)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2663 advisory. 68.1.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat...

9.3CVSS7.4AI score0.0216EPSS
Exploits2References14
BDU FSTEC
BDU FSTEC
added 2015/06/05 12:0 a.m.5 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of Google Chrome’s browser in the content/renderer/media/usermediaclientimpl.cc file arises from the use of memory after it is freed. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure by executing a specially crafted Java script upo...

7.5CVSS7.7AI score0.01649EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2015/05/25 3:25 a.m.5 views

chromium-browser: Use-after-free in WebRTC.

Multiple use-after-free vulnerabilities in content/renderer/media/usermediaclientimpl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon...

7.5CVSS7.6AI score0.01649EPSS
Exploits0References5
Prion
Prion
added 2015/05/20 10:59 a.m.12 views

Server side request forgery (ssrf)

Multiple use-after-free vulnerabilities in content/renderer/media/usermediaclientimpl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon...

7.5CVSS8AI score0.01649EPSS
Exploits0References9Affected Software2
Debian CVE
Debian CVE
added 2015/05/20 10:0 a.m.25 views

CVE-2015-1260

Removed by vendor...

7.5CVSS9.4AI score0.01649EPSS
Exploits0
CVE
CVE
added 2015/05/20 10:0 a.m.91 views

CVE-2015-1260

CVE-2015-1260 affects Google Chrome up to version 43.0.2357.65, where multiple use-after-free vulnerabilities exist in the WebRTC interface (content/renderer/media/user_media_client_impl.cc). Exploitation via crafted JavaScript after getUserMedia can lead to denial of service and possibly other i...

7.5CVSS7.4AI score0.01649EPSS
Exploits0References9Affected Software1
UbuntuCve
UbuntuCve
added 2015/05/20 12:0 a.m.27 views

CVE-2015-1260

Multiple use-after-free vulnerabilities in content/renderer/media/usermediaclientimpl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon...

7.5CVSS7.3AI score0.01649EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2013/11/19 12:0 a.m.29 views

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2013:1142-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.05397EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/04 12:4 p.m.49 views

MozillaFirefox: Update to Firefox 22.0 release (important)

MozillaFirefox was updated to Firefox 22.0 bnc825935 Following security issues were fixed: MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687...

10CVSS1.8AI score0.69021EPSS
Exploits11References1
Tenable Nessus
Tenable Nessus
added 2013/06/27 12:0 a.m.37 views

FreeBSD : mozilla -- multiple vulnerabilities (b3fcb387-de4b-11e2-b1c6-0025905a4771)

The Mozilla Project reports : Miscellaneous memory safety hazards rv:22.0 / rv:17.0.7 Title: Memory corruption found using Address Sanitizer Privileged content access and execution via XBL Arbitrary code execution within Profiler Execution of unmapped memory through onreadystatechange Data in the...

10CVSS8.5AI score0.69021EPSS
Exploits11References33
Tenable Nessus
Tenable Nessus
added 2013/06/27 12:0 a.m.32 views

Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox vulnerabilities (USN-1890-1)

Multiple memory safety issues were discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...

10CVSS8.7AI score0.69021EPSS
Exploits11References17
NVD
NVD
added 2013/06/26 3:19 a.m.12 views

CVE-2013-1698

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...

4.3CVSS6.1AI score0.01486EPSS
Exploits0References5
Prion
Prion
added 2013/06/26 3:19 a.m.15 views

Code injection

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...

4.3CVSS6.6AI score0.01486EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/06/26 1:0 a.m.18 views

CVE-2013-1698

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...

6.1AI score0.01486EPSS
Exploits0References5
CVE
CVE
added 2013/06/26 1:0 a.m.131 views

CVE-2013-1698

CVE-2013-1698 is MFSA 2013-60 describing a getUserMedia permission dialog issue in Mozilla Firefox prior to 22.0, where the dialog displays the top-level page URL instead of the specific page URL, enabling a crafted site to trick users into granting camera/microphone access. Affected product: Moz...

4.3CVSS6AI score0.01486EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/06/26 12:0 a.m.29 views

Firefox < 22.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 22.0 and is, therefore, potentially affected by the following vulnerabilities : - Various, unspecified memory safety issues exist. CVE-2013-1682, CVE-2013-1683 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable',...

10CVSS7.3AI score0.69021EPSS
Exploits11References31
UbuntuCve
UbuntuCve
added 2013/06/25 12:0 a.m.23 views

CVE-2013-1698

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...

4.3CVSS7.1AI score0.01486EPSS
Exploits0References3
Mozilla
Mozilla
added 2013/06/25 12:0 a.m.62 views

getUserMedia permission dialog incorrectly displays location — Mozilla

Mozilla engineer Matt Wobensmith discovered that when the getUserMedia permission dialog for an iframe appears in one domain, it will display its origin as that of the top-level document and not the calling framed page. This could lead to users incorrectly giving camera or microphone permissions...

4.3CVSS5.8AI score0.01486EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder