13 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-7810
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough...
SUSE CVE-2017-5401
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
SUSE CVE-2017-7778
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
DEBIAN-CVE-2018-5125
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 52.7, Firefox ESR 52.7, and Firef...
DEBIAN-CVE-2017-7818
A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications ARIA elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...
Mozilla: Use-after-free with SVG animations and text paths
A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.8, Thunderbird ESR 52.8, Firefox 60, and Firefox ESR 52.8...
Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 52.8,...
Mozilla: Use-after-free with SVG animations and clip paths
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.8, Thunderbird ESR 52.8, Firefox 60, and Firefox ESR 52.8...
Mozilla: Use-after-free with SVG animations and clip paths
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.8, Thunderbird ESR 52.8, Firefox 60, and Firefox ESR 52.8...
Mozilla: Use-after-free while editing form elements (MFSA 2018-03)
A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.6 and Thunderbird 52.6...
Mozilla: Use-after-free resizing image elements (MFSA 2017-19)
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...
Mozilla: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 (MFSA 2017-06)
Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbir...
UBUNTU-CVE-2017-5407
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information...