Lucene search
K

252 matches found

Cvelist
Cvelist
added 2015/08/16 1:0 a.m.24 views

CVE-2015-4486

The decreaserefcount function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read via malformed WebM video data...

7.6AI score0.06612EPSS
Exploits0References16
Cvelist
Cvelist
added 2015/08/16 1:0 a.m.26 views

CVE-2015-4485

Heap-based buffer overflow in the resizecontextbuffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data...

7.8AI score0.08447EPSS
Exploits0References16
CVE
CVE
added 2015/08/16 1:0 a.m.144 views

CVE-2015-4485

Summary: CVE-2015-4485 is a heap-based buffer overflow in the libvpx decode path used by Mozilla Firefox when handling WebM video data. The flaw occurs in resize_context_buffers and can enable remote code execution. Affected products/versions: Mozilla Firefox before 40.0 and Firefox ESR 38.x befo...

10CVSS7.7AI score0.08447EPSS
Exploits0References16Affected Software1
Debian CVE
Debian CVE
added 2015/08/16 1:0 a.m.28 views

CVE-2015-4486

The decreaserefcount function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read via malformed WebM video data...

10CVSS8.3AI score0.06612EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/08/11 7:47 p.m.5 views

Mozilla: Buffer overflows on Libvpx when decoding WebM video (MFSA 2015-89)

Heap-based buffer overflow in the resizecontextbuffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data...

10CVSS8AI score0.08447EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/08/11 7:47 p.m.3 views

Mozilla: Buffer overflows on Libvpx when decoding WebM video (MFSA 2015-89)

The decreaserefcount function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read via malformed WebM video data...

10CVSS7.8AI score0.06612EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2015/08/11 12:0 a.m.31 views

libvpx -- multiple buffer overflows

The Mozilla Project reports: Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover two buffer overflow issues in the Libvpx library used for WebM video when decoding a malformed WebM video file. These buffer overflows result in...

10CVSS7.9AI score0.08447EPSS
Exploits0References1
OSV
OSV
added 2015/08/11 12:0 a.m.3 views

UBUNTU-CVE-2015-4486

The decreaserefcount function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read via malformed WebM video data...

10CVSS7.1AI score0.06612EPSS
Exploits0References4
Mozilla
Mozilla
added 2015/08/11 12:0 a.m.51 views

Buffer overflows on Libvpx when decoding WebM video — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover two buffer overflow issues in the Libvpx library used for WebM video when decoding a malformed WebM video file. These buffer overflows result in potentially exploitable crashes...

10CVSS7.5AI score0.08447EPSS
Exploits0References4Affected Software4
UbuntuCve
UbuntuCve
added 2015/08/11 12:0 a.m.28 views

CVE-2015-4485

Heap-based buffer overflow in the resizecontextbuffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data...

10CVSS7.3AI score0.08447EPSS
Exploits0References3
OSV
OSV
added 2015/08/11 12:0 a.m.4 views

UBUNTU-CVE-2015-4485

Heap-based buffer overflow in the resizecontextbuffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data...

10CVSS7.4AI score0.08447EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/03 12:0 a.m.30 views

openSUSE Security Update : firefox / mozilla-nspr / mozilla-nss and seamonkey (openSUSE-SU-2014:1345-1)

update to Firefox 33.0 bnc900941 New features : - OpenH264 support sandboxed - Enhanced Tiles - Improved search experience through the location bar - Slimmer and faster JavaScript strings - New CSP Content Security Policy backend - Support for connecting to HTTP proxy over HTTPS - Improved...

10CVSS7.9AI score0.05811EPSS
Exploits1References37
OpenVAS
OpenVAS
added 2014/10/20 12:0 a.m.64 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Oct 2014) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

7.5CVSS9.6AI score0.04991EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2014/10/20 12:0 a.m.30 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Oct 2014) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

7.5CVSS9.6AI score0.04991EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2014/10/17 12:0 a.m.27 views

Mozilla Firefox Multiple Vulnerabilities-01 (Oct 2014) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

7.5CVSS9.7AI score0.0527EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2014/10/16 12:0 a.m.31 views

Oracle Linux 5 / 6 / 7 : firefox (ELSA-2014-1635)

The remote Oracle Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1635 advisory. firefox 31.2.0-3.0.1.el70 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 31.2.0-3 - Update to 31.2.0 ESR - Fix...

7.5CVSS7.8AI score0.04991EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2014/10/15 4:12 p.m.9 views

Mozilla: Out-of-bounds write with WebM video (MFSA 2014-77)

The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...

7.5CVSS7.3AI score0.03944EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2014/10/15 2:27 p.m.64 views

USN-2373-1: Thunderbird vulnerabilities

Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon Coppeard discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service vi...

7.5CVSS8.4AI score0.04991EPSS
Exploits0
OSV
OSV
added 2014/10/15 2:27 p.m.5 views

USN-2373-1 thunderbird vulnerabilities

Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon Coppeard discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service vi...

7.5CVSS7.4AI score0.04991EPSS
Exploits0References8
NVD
NVD
added 2014/10/15 10:55 a.m.13 views

CVE-2014-1578

The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...

7.5CVSS7.9AI score0.03944EPSS
Exploits0References27
Rows per page
Query Builder