Lucene search
K

20 matches found

Veracode
Veracode
added 2019/05/02 5:41 a.m.24 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

10CVSS8.3AI score0.09027EPSS
Exploits0References17Affected Software1
Veracode
Veracode
added 2019/05/02 5:41 a.m.30 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

10CVSS8.3AI score0.09027EPSS
Exploits0References20Affected Software1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.31 views

Oracle: Security Advisory (ELSA-2015-1586)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.09027EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2015/10/01 12:59 a.m.26 views

CVE-2015-1539

Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493...

10CVSS6.3AI score0.85792EPSS
Exploits0References2
Prion
Prion
added 2015/10/01 12:59 a.m.26 views

Integer overflow

Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493...

10CVSS7.8AI score0.85792EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2015/10/01 12:0 a.m.30 views

CVE-2015-1539

Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493...

9.6AI score0.85792EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2015/09/18 12:0 a.m.40 views

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1389-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/08/31 12:0 a.m.47 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2015-559)

This update to Thunderbird 38.2.0 fixes the following issues bnc940806 : - MFSA 2015-79/CVE-2015-4473 Miscellaneous memory safety hazards - MFSA 2015-80/CVE-2015-4475 bmo1175396 Out-of-bounds read with malformed MP3 file - MFSA 2015-82/CVE-2015-4478 bmo1105914 Redefinition of non-configurable...

10CVSS7.2AI score0.09027EPSS
Exploits1References17
OpenVAS
OpenVAS
added 2015/08/19 12:0 a.m.36 views

Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2015) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

10CVSS7.4AI score0.09027EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2015/08/19 12:0 a.m.45 views

Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2015) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

10CVSS7.4AI score0.09027EPSS
Exploits0References4
NVD
NVD
added 2015/08/16 1:59 a.m.27 views

CVE-2015-4493

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to...

9.3CVSS9.9AI score0.07357EPSS
Exploits0References15
CVE
CVE
added 2015/08/16 1:0 a.m.106 views

CVE-2015-4493

CVE-2015-4493 describes a heap-based buffer overflow in libstagefright’s stagefright::ESDS::parseESDescriptor within Firefox before 40.0 and Firefox ESR 38.x before 38.2, exploitable via an invalid size in an esds chunk of MPEG-4 video data that could allow remote code execution. Connected CVE-20...

9.3CVSS9.7AI score0.07357EPSS
Exploits0References15Affected Software1
Cvelist
Cvelist
added 2015/08/16 1:0 a.m.32 views

CVE-2015-4493

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to...

9.9AI score0.07357EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2015/08/13 12:0 a.m.27 views

CentOS Update for firefox CESA-2015:1586 centos5

Check the version of firefox SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882244";...

10CVSS6.8AI score0.09027EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/08/13 12:0 a.m.39 views

Firefox ESR < 38.2 Multiple Vulnerabilities (Mac OS X)

The version of Firefox ESR installed on the remote Mac OS X host is prior to 38.2. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist that allow a remote attacker, via a specially crafted web page, to corrupt memory and potentially execute...

10CVSS7.4AI score0.09027EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2015/08/12 12:0 a.m.43 views

CentOS 5 / 6 / 7 : firefox (CESA-2015:1586)

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

10CVSS7.8AI score0.09027EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2015/08/12 12:0 a.m.30 views

Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20150811)

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2015-4473, CVE-2015-4475, CVE-2015-4478, CVE-2015-4479,...

10CVSS7.7AI score0.09027EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2015/08/11 7:47 p.m.44 views

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

10CVSS7AI score0.09027EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2015/08/11 12:0 a.m.33 views

Debian: Security Advisory (DSA-3333-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.09027EPSS
Exploits0References3
android
android
added 2015/08/01 12:0 a.m.30 views

CVE-2015-1539

Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493...

10CVSS7.8AI score0.85792EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder