17 matches found
EUVD-2017-14483
Malware in sbrugna...
SUSE CVE-2014-1563
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG animation...
SUSE CVE-2017-5379
Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox 51...
CVE-2017-5379
Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox 51...
CVE-2017-5379
CVE-2017-5379 is a use-after-free vulnerability in Web Animations when interacting with cycle collection, affecting Mozilla Firefox versions earlier than 51. It stems from memory safety issues in the Web Animations code path and is associated with the Firefox
[ASA-201701-39] firefox: multiple issues
Arch Linux Security Advisory ASA-201701-39 ========================================== Severity: Critical Date : 2017-01-29 CVE-ID : CVE-2017-5373 CVE-2017-5374 CVE-2017-5375 CVE-2017-5376 CVE-2017-5377 CVE-2017-5378 CVE-2017-5379 CVE-2017-5380 CVE-2017-5381 CVE-2017-5382 CVE-2017-5383 CVE-2017-53...
UBUNTU-CVE-2017-5379
Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox 51...
CVE-2017-5379
Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox 51...
CVE-2014-1563
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG animation...
Firefox < 32.0 Multiple Vulnerabilities
The version of Firefox installed on the remote host is a version prior to 32.0. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary code...
Mozilla Thunderbird < 31.1 Multiple Vulnerabilities (Mac OS X)
The version of Thunderbird installed on the remote Mac OS X host is a version prior to 31.1. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitra...
CVE-2014-1563
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG animation...
CVE-2013-5596
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
CVE-2013-5596
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
Race condition
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
CVE-2013-5596
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
Writing to cycle collected object during image decoding — Mozilla
Mozilla community member Ezra Pool reported a potentially exploitable crash on extremely large pages. This was caused when a cycle collected image object was released on the wrong thread during decoding, creating a race condition...