11 matches found
Mageia: Security Advisory (MGASA-2015-0342)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox Plugin Initialization Use-after-free Vulnerability (Apr 2015) - Mac OS X
Mozilla Firefox is prone to a use after free vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2015-2706
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via a crafted plugin that does not properly complete initialization...
openSUSE Security Update : Mozille Firefox (openSUSE-2015-325)
Mozilla Firefox was updated to 37.0.2 to fix one security issue. The following vulnerability was fixed : - CVE-2015-2706 Memory corruption during failed plugin initialization bmo1141081 MFSA 2015-45 bnc928116 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
Ubuntu 14.04 LTS : Firefox vulnerability (USN-2571-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2571-1 advisory. Robert Kaiser discovered a use-after-free during plugin initialization in some circumstances. If a user were tricked in to opening a specially crafted website, an...
Ubuntu: Security Advisory (USN-2571-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-2706
CVE-2015-2706 affects Mozilla Firefox before 37.0.2, where a race condition in AsyncPaintWaitEvent() during plugin initialization can lead to remote code execution or a denial of service via use-after-free. The vulnerability is confirmed in multiple advisories (e.g., Firefox updates to 37.0.2 add...
USN-2571-1: Firefox vulnerability
Robert Kaiser discovered a use-after-free during plugin initialization in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileg...
Firefox < 37.0.2 Failed Plugin Memory Corruption (Mac OS X)
The version of Firefox installed on the remote Mac OS X host is prior to 37.0.2. It is, therefore, affected by a use-after-free error, related to the AsyncPaintWaitEvent method, due to a race condition caused when plugin initialization fails. A remote attacker, using a crafted web page, can explo...
CVE-2015-2706
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via a crafted plugin that does not properly complete initialization...
KLA10554 Denial of service vulnerability in Mozilla Firefox
Race condition was found in Mozilla Firefox. By exploiting this vulnerability malicious users can cause denial of service or other unknown impact. This vulnerability can be exploited remotely via an unknown vectors related to plugins. Original advisories MFSA Related products Mozilla-Firefox CVE...