Lucene search
K

45 matches found

Veracode
Veracode
added 2020/09/21 6:28 a.m.21 views

Denial Of Service (DoS)

firefox is vulnerable to denial of service DoS. A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for...

4.3CVSS3.8AI score0.00896EPSS
Exploits0References5Affected Software2
RedhatCVE
RedhatCVE
added 2019/10/11 6:6 p.m.21 views

CVE-2019-11749

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...

4.3CVSS3.8AI score0.00896EPSS
Exploits0References4
NVD
NVD
added 2019/09/27 6:15 p.m.14 views

CVE-2019-11749

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...

4.3CVSS4.2AI score0.00896EPSS
Exploits0References5
Prion
Prion
added 2019/09/27 6:15 p.m.22 views

Design/Logic Flaw

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...

4.3CVSS5.6AI score0.00896EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2019/09/27 5:15 p.m.243 views

CVE-2019-11749

CVE-2019-11749 describes an information-disclosure vulnerability in WebRTC: malicious content can probe the getUserMedia constraints to reveal camera device properties without user prompt, enabling potential user fingerprinting. Affected products are Firefox prior to 69 and Firefox ESR prior to 6...

4.3CVSS5.6AI score0.00896EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2019/09/27 5:15 p.m.17 views

CVE-2019-11749

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...

5.8AI score0.00896EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2019/09/27 5:15 p.m.20 views

CVE-2019-11749

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...

4.3CVSS7.1AI score0.00896EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/09/09 12:0 a.m.48 views

Oracle Linux 8 : firefox (ELSA-2019-2663)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2663 advisory. 68.1.0-1.0.1 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat...

9.3CVSS7.4AI score0.0216EPSS
Exploits2References14
BDU FSTEC
BDU FSTEC
added 2015/06/05 12:0 a.m.5 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of Google Chrome’s browser in the content/renderer/media/usermediaclientimpl.cc file arises from the use of memory after it is freed. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure by executing a specially crafted Java script upo...

7.5CVSS7.7AI score0.01649EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2015/05/25 3:25 a.m.7 views

chromium-browser: Use-after-free in WebRTC.

Multiple use-after-free vulnerabilities in content/renderer/media/usermediaclientimpl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon...

7.5CVSS7.6AI score0.01649EPSS
Exploits0References5
Prion
Prion
added 2015/05/20 10:59 a.m.12 views

Server side request forgery (ssrf)

Multiple use-after-free vulnerabilities in content/renderer/media/usermediaclientimpl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon...

7.5CVSS8AI score0.01649EPSS
Exploits0References9Affected Software2
CVE
CVE
added 2015/05/20 10:0 a.m.91 views

CVE-2015-1260

CVE-2015-1260 affects Google Chrome up to version 43.0.2357.65, where multiple use-after-free vulnerabilities exist in the WebRTC interface (content/renderer/media/user_media_client_impl.cc). Exploitation via crafted JavaScript after getUserMedia can lead to denial of service and possibly other i...

7.5CVSS7.4AI score0.01649EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2015/05/20 10:0 a.m.38 views

CVE-2015-1260

Removed by vendor...

7.5CVSS9.4AI score0.01649EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/05/20 12:0 a.m.28 views

CVE-2015-1260

Multiple use-after-free vulnerabilities in content/renderer/media/usermediaclientimpl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon...

7.5CVSS7.3AI score0.01649EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2013/11/19 12:0 a.m.29 views

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2013:1142-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.05397EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/04 12:4 p.m.49 views

MozillaFirefox: Update to Firefox 22.0 release (important)

MozillaFirefox was updated to Firefox 22.0 bnc825935 Following security issues were fixed: MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687...

10CVSS1.8AI score0.69021EPSS
Exploits11References1
Tenable Nessus
Tenable Nessus
added 2013/06/27 12:0 a.m.32 views

Ubuntu 12.04 LTS / 12.10 / 13.04 : firefox vulnerabilities (USN-1890-1)

Multiple memory safety issues were discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...

10CVSS8.7AI score0.69021EPSS
Exploits11References17
Tenable Nessus
Tenable Nessus
added 2013/06/27 12:0 a.m.38 views

FreeBSD : mozilla -- multiple vulnerabilities (b3fcb387-de4b-11e2-b1c6-0025905a4771)

The Mozilla Project reports : Miscellaneous memory safety hazards rv:22.0 / rv:17.0.7 Title: Memory corruption found using Address Sanitizer Privileged content access and execution via XBL Arbitrary code execution within Profiler Execution of unmapped memory through onreadystatechange Data in the...

10CVSS8.5AI score0.69021EPSS
Exploits11References33
NVD
NVD
added 2013/06/26 3:19 a.m.12 views

CVE-2013-1698

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...

4.3CVSS6.1AI score0.01486EPSS
Exploits0References5
Prion
Prion
added 2013/06/26 3:19 a.m.15 views

Code injection

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...

4.3CVSS6.6AI score0.01486EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder