Lucene search
K

187 matches found

CNVD
CNVD
added 2017/06/23 12:0 a.m.2 views

Mozilla Firefox and Firefox ESR Graphite 2 out-of-bounds read vulnerability (CNVD-2017-12546)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data mapping written i...

8.1CVSS6.7AI score0.01186EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2017/06/21 4:36 a.m.3 views

Mozilla: Vulnerabilities in the Graphite 2 library (MFSA 2017-16)

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

9.8CVSS7.6AI score0.05216EPSS
Exploits0References5
ALT Linux
ALT Linux
added 2017/06/21 12:0 a.m.57 views

Security fix for the ALT Linux 10 package firefox-esr version 52.2.0-alt1

June 21, 2017 Andrey Cherepanov 52.2.0-alt1 - New ESR version 52.2.0 - Security fixes: + CVE-2017-5472: Use-after-free using destroyed node when regenerating trees + CVE-2017-7749: Use-after-free during docshell reloading + CVE-2017-7750: Use-after-free with track elements + CVE-2017-7751:...

7.5CVSS10.3AI score0.05216EPSS
Exploits6
OPENSUSE Linux
OPENSUSE Linux
added 2017/06/20 12:9 a.m.65 views

Security update for Mozilla based packages (important)

This update for Mozilla Firefox, Thunderbird, and NSS fixes the following issues: Mozilla Firefox was updated to 52.2esr boo1043960 MFSA 2017-16: CVE-2017-5472 bmo1365602 Use-after-free using destroyed node when regenerating trees CVE-2017-7749 bmo1355039 Use-after-free during docshell reloading...

0.8AI score0.05216EPSS
Exploits12References2
Tenable Nessus
Tenable Nessus
added 2017/06/16 12:0 a.m.38 views

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3315-1)

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, spoof the addressbar contents, or execute...

9.8CVSS7.4AI score0.05216EPSS
Exploits12References21
RedhatCVE
RedhatCVE
added 2017/06/14 4:51 a.m.47 views

CVE-2017-7778

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

9.8CVSS4.4AI score0.05216EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/06/14 12:0 a.m.37 views

CVE-2017-7778

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

9.8CVSS7.3AI score0.05216EPSS
Exploits0References5
Mozilla
Mozilla
added 2017/06/14 12:0 a.m.499 views

Security vulnerabilities fixed in Thunderbird 52.2 — Mozilla

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. A use-after-free vulnerability when using an incorrect URL during the...

9.8CVSS1.1AI score0.02869EPSS
Exploits3References22Affected Software1
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.661 views

KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Firefox and Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, cause a denial of service, read and write local files, spoof user interface and bypass security restrictions. Below is a complete list of...

9.8CVSS10AI score0.05216EPSS
Exploits14References5
Mozilla
Mozilla
added 2017/06/13 12:0 a.m.496 views

Security vulnerabilities fixed in Firefox ESR 52.2 — Mozilla

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. A use-after-free vulnerability when using an incorrect URL during the...

9.8CVSS0.9AI score0.02869EPSS
Exploits3References28Affected Software1
Mozilla
Mozilla
added 2017/06/13 12:0 a.m.541 views

Security vulnerabilities fixed in Firefox 54 — Mozilla

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. A use-after-free vulnerability when using an incorrect URL during the...

9.8CVSS0.7AI score0.02869EPSS
Exploits3References32Affected Software1
ALT Linux
ALT Linux
added 2017/05/02 12:0 a.m.31 views

Security fix for the ALT Linux 10 package thunderbird version 52.1.0-alt1

May 2, 2017 Andrey Cherepanov 52.1.0-alt1 - New version 52.0.1 - Security fixes: + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5430: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5432: Use-after-free in text input selection + CVE-2017-5433:...

7.5CVSS8.2AI score0.18756EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2017/04/24 12:0 a.m.80 views

Mozilla Firefox ESR < 52.1

The version of Firefox ESR installed on the remote Windows host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-12 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 - A...

9.8CVSS7.6AI score0.18756EPSS
Exploits24References34
Tenable Nessus
Tenable Nessus
added 2017/04/24 12:0 a.m.45 views

Mozilla Firefox ESR 45.x < 45.9 Multiple Vulnerabilities (macOS)

The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is 45.x prior to 45.9. It is, therefore, affected by the following vulnerabilities : - Multiple buffer overflow conditions exist in the FLEX generated code due to improper validation of certain input. An...

9.8CVSS7.4AI score0.18756EPSS
Exploits22References29
RedhatCVE
RedhatCVE
added 2017/04/20 5:48 a.m.35 views

CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

8.8CVSS3.3AI score0.02414EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/04/20 12:0 a.m.24 views

CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

8.8CVSS7.2AI score0.02414EPSS
Exploits0References4
ALT Linux
ALT Linux
added 2017/04/20 12:0 a.m.35 views

Security fix for the ALT Linux 10 package firefox-esr version 45.9.0-alt1

April 20, 2017 Andrey Cherepanov 45.9.0-alt1 - New ESR version - Security fixes: + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, + CVE-2017-5462: DRBG flaw in NSS + CVE-2017-5445: Uninitialized values used while parsing + CVE-2017-5469: Potential Buffer overflow in...

7.5CVSS10.3AI score0.18756EPSS
Exploits19
Mozilla
Mozilla
added 2017/04/19 12:0 a.m.518 views

Security vulnerabilities fixed in Firefox ESR 52.1 — Mozilla

A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. A use-after-free vulnerability occurs during transaction processing in t...

9.8CVSS1.6AI score0.04741EPSS
Exploits4References36Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/05/02 12:0 a.m.35 views

Ubuntu 14.04 LTS / 16.04 LTS : Thunderbird vulnerabilities (USN-2934-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2934-1 advisory. Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered multiple memory...

9.3CVSS8.3AI score0.30946EPSS
Exploits9References24
Ubuntu
Ubuntu
added 2016/04/27 10:32 p.m.88 views

USN-2934-1: Thunderbird vulnerabilities

Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denia...

9.3CVSS8.2AI score0.30946EPSS
Exploits9
Rows per page
Query Builder