30 matches found
Mozilla Firefox ESR 45.x < 45.7 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is 45.x prior to 45.7. It is, therefore, affected by the following vulnerabilities : - Mozilla developers and community members Christian Holler, Gary Kwong, Andre Bargull, Jan de Mooij, Tom Schuster, and Oriol...
Security vulnerabilities fixed in Firefox 51 — Mozilla
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. Use-after-free while manipulating XSL in XSLT documents A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potential...
Race condition
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and heap memory corruption by leveraging improper Media Decoder Thread creation at the time of a...
CVE-2015-2715
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and heap memory corruption by leveraging improper Media Decoder Thread creation at the time of a...
CVE-2015-2715
CVE-2015-2715 describes a race condition in Mozilla Firefox prior to 38.0 related to nsThreadManager::RegisterCurrentThread during shutdown when Media Decoder threads are created. This leads to use-after-free and heap memory corruption, enabling remote attackers to potentially execute arbitrary c...
Firefox < 38.0 Multiple Vulnerabilities
The version of Firefox installed on the remote Windows host is prior to 38.0. It is, therefore, affected by the following vulnerabilities : - A privilege escalation vulnerability exists in the Inter-process Communications IPC implementation due to a failure to validate the identity of a listener...
UBUNTU-CVE-2015-2715
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and heap memory corruption by leveraging improper Media Decoder Thread creation at the time of a...
firefox: multiple issues
CVE-2015-2708 Memory safety bugs fixed in Firefox ESR 31.7 and Firefox 38: Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink reported memory safety problems and crashes that affect Firefox ESR 31.6 and Firefox 37. - CVE-2015-2709 Memory safety bugs fixed in Firefox 38: Gary Kwong,...
Use-after-free due to Media Decoder Thread creation during shutdown — Mozilla
Security researchers Tyson Smith and Jesse Schwartzentruber reported a use-after-free during the shutdown process. This was caused by a race condition when media decoder threads are created during the shutdown process in some circumstances. This leads to a potentially exploitable crash when...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA-2015-46 Miscellaneous memory safety hazards rv:38.0 / rv:31.7 MFSA-2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer MFSA-2015-48 Buffer overflow with SVG content and CSS MFSA-2015-49 Referrer policy ignored when links opened by middle-click and...