62 matches found
The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to execute arbitrary code.
Mozilla SeaMonkey software contains a vulnerability related to implementation errors of the Web Workers technology. Exploiting this vulnerability allows malicious actors to execute arbitrary code by terminating the worker process that transfers objects between threads, using asm.js...
The vulnerability of the Firefox browser, which allows a malicious actor to execute arbitrary code
The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors to execute arbitrary code by terminating the worker process, thereby enabling them to transfer objects between threads...
Mozilla Firefox Multiple Vulnerabilities-01 (May 2015) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2015-2712
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger...
Out-of-bounds
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger...
CVE-2015-2712
Mozilla Firefox before 38.0 is affected by CVE-2015-2712 due to an issue in the asm.js validation that misdefines heap lengths, enabling out-of-bounds writes (and potentially reads) via crafted JavaScript and possibly allowing arbitrary code execution or memory leakage. The fault is described in ...
CVE-2015-2712
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger...
Mozilla Firefox 'asm.js' Out-of-Bounds Read/Write Vulnerability
Mozilla Firefox is a popular open source WEB browser. Mozilla Firefox has an out-of-bounds read/write vulnerability in 'asm.js' when validating Javascript, which allows remote attackers to exploit the vulnerability to construct a malicious web page that can be parsed by the user and can be used t...
UBUNTU-CVE-2015-2712
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger...
firefox: multiple issues
CVE-2015-2708 Memory safety bugs fixed in Firefox ESR 31.7 and Firefox 38: Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink reported memory safety problems and crashes that affect Firefox ESR 31.6 and Firefox 37. - CVE-2015-2709 Memory safety bugs fixed in Firefox 38: Gary Kwong,...
CVE-2015-2712
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger...
Out-of-bounds read and write in asm.js validation — Mozilla
Security researcher Dougall Johnson reported an out-of-bounds read and write in asm.js during JavaScript validation due to an error in how heap lengths are defined. This results in a potentially exploitable crash and could allow for the reading of random memory which may contain sensitive data...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA-2015-46 Miscellaneous memory safety hazards rv:38.0 / rv:31.7 MFSA-2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer MFSA-2015-48 Buffer overflow with SVG content and CSS MFSA-2015-49 Referrer policy ignored when links opened by middle-click and...
Design/Logic Flaw
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...
CVE-2015-0817
CVE-2015-0817 is a vulnerability in the asm.js/JIT bounds checking of Mozilla Firefox (and related Mozilla products) that can allow a remote attacker to read/write memory and potentially execute arbitrary code due to improper bounds checks during JIT compilation. Connected IBM advisories confirm ...
CVE-2015-0817
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...
CVE-2014-1488
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js...
CVE-2014-1488
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js...
SeaMonkey < 2.24 Multiple Vulnerabilities
Binary data 8099.prm...
CVE-2014-1488
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js...