EUVD-2016-3910

Malware in sbrugna...

EUVD-2018-21133

Malware in sbrugna...

SUSE CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

Mozilla Firefox Security Advisory (MFSA2016-77) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Out-of-bounds Write

Thunderbird, Firefox ESR, and Firefox are vulnerable to out-of-bounds write. ClearKeyDecryptor function can be exploited by a remote attacker to cause out-of-bounds write via decrypting some Clearkey-encrypted media content. This may lead to writing of arbitrary data within memory, resulting in a...

CVE-2018-9539

In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1...

Race condition

In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1...

CVE-2018-9539

In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1...

CVE-2018-9539

CVE-2018-9539 is a local elevation-of-privilege in the Android ClearKey CAS descrambler caused by a use-after-free race condition. Affects Android 8.0–9; exploitation requires local access with no user interaction. The Android Security Bulletin indicates patches at the 2018-11-01/2018-11-05 patch...

CVE-2018-9539

In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1...

CVE-2017-5448

An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...

CVE-2017-5448

An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)

Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...

Mozilla Firefox and Firefox ESR Stack Buffer Overflow Vulnerability

Mozilla Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A stack buffer overflow vulnerability exists in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API of Mozilla Firefox and Firefox, which allows remote attackers ...

CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

DEBIAN-CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

CVE-2016-2837

In IBM Storwize V7000 Unified, CVE-2016-2837 affects Mozilla Firefox components embedded via ClearKey CDM in the EME API. A heap-based buffer overflow during video playback could allow remote code execution. Affected versions: 1.5.0.0–1.5.2.4. Remediation: upgrade to 1.5.2.5 or later. If no furth...

CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...