14 matches found
Mozilla Firefox and Firefox ESR DOMSVGLength Class Memory Misreference Vulnerability
Mozilla Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A memory misreference vulnerability exists in the Mozilla Firefox and Firefox ESR DOMSVGLength class, which allows remote attackers to construct a malicious web page that can be tricked into...
CVE-2016-5281
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
DEBIAN-CVE-2016-5281
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
Design/Logic Flaw
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
CVE-2016-5281
IBM Storwize V7000 Unified is affected by CVE-2016-5281 (Mozilla Firefox use-after-free in DOMSVGLength) as part of a set of Firefox vulnerabilities bundled in IBM advisories. The IBM Security Bulletin lists affected code releases 1.5.1.0 to 1.5.2.4 and states a fix is available in version 1.5.2....
CVE-2016-5281
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
CVE-2016-5281
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
UBUNTU-CVE-2016-5281
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
Mozilla: use-after-free in DOMSVGLength (MFSA 2016-85, MFSA 2016-86)
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
CVE-2016-5281
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...
Mozilla Firefox DOMSVGLength Reflected Attribute Use-After-Free (CVE-2014-1563)
A use after free vulnerability exists in Mozilla Firefox. The vulnerability is due to an issue with handling DOMSVGLength objects. A remote unauthenticated attacker could exploit this vulnerability by enticing a user into opening a malicious page. Successful exploitation could lead to arbitrary...
Design/Logic Flaw
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG animation...
CVE-2014-1563
Mozilla Firefox before 32.0 (and ESR 31.x before 31.1) and Thunderbird 31.x before 31.1 are affected by a use-after-free in mozilla::DOMSVGLength::GetTearOff triggered by an SVG animation with DOM interactions, enabling remote code execution or a denial of service via heap memory corruption. Upgr...
UBUNTU-CVE-2014-1563
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG animation...