4768 matches found
CVE-2016-1970
Integer underflow in the srtpunprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...
CVE-2016-1968
Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via crafted data with brotli compression...
CVE-2016-1960
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...
CVE-2016-1960
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...
Integer overflow
Integer underflow in the srtpunprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...
CVE-2016-1970
Integer underflow in the srtpunprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...
CVE-2016-1970
Firefox before 45.0 on Windows is affected by CVE-2016-1970 due to an integer underflow in srtp_unprotect within WebRTC, potentially causing memory corruption and a denial of service via unknown vectors. MFSA 2016-32 references this CVE; the fix is integration in Firefox 45.0 and later. The conne...
CVE-2016-1968
CVE-2016-1968: An integer underflow in Brotli decompression used by Mozilla Firefox prior to 45.0 can be triggered by crafted brotli data, leading to remote code execution or a denial of service. The issue is documented in MFSA 2016-30 (CVE-2016-1968) and was addressed by Firefox 45.0, with relat...
CVE-2016-1960
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...
CVE-2016-1968
Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via crafted data with brotli compression...
CVE-2016-1970
Integer underflow in the srtpunprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...
CVE-2016-1960
CVE-2016-1960 is a vulnerability in Mozilla Firefox’s HTML5 parser (nsHtml5TreeBuilder) involving an integer underflow that enables a use-after-free scenario when parsing end tags in a foreign fragment context (SVG). Affects Firefox before 45.0 and Firefox ESR 38.x before 38.7; exploitation can l...
CVE-2016-1960
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...
Mozilla: Use-after-free in HTML5 string parser (MFSA 2016-23)
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...
LibreOffice and OpenOffice ODF Document PrinterSetup Integer Underflow (CVE-2015-5212)
An integer underflow vulnerability exists in LibreOffice and OpenOffice. The vulnerability is due to insufficient size checks when processing the PrinterSetup data within ODF documents. A remote unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted...
Ubuntu: Security Advisory (USN-2918-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WebRTC and LibVPX vulnerabilities found through code inspection — Mozilla
Security researcher Ronald Crane reported five "moderate" rated vulnerabilities affecting released code that were found through code inspection. These included the following issues in WebRTC: an integer underflow, a missing status check, race condition, and a use of deleted pointers to create new...
CVE-2016-1968
Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow via crafted data with brotli compression...
UBUNTU-CVE-2016-1960
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free by leveraging mishandling of end tags, as demonstrated by...
Fedora 22 : wpa_supplicant-2.4-7.fc22 (2015-1521e91178)
wpasupplicant-2.4-7.fc22 - Make sure that network filesystems are unmounted when shutting down rh 1214466 - CVE-2015-4142: AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...