|
280611
|
- |
|
mozilla
|
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
NVD-CWE-noinfo
|
CVE-2015-0835
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280612
|
- |
|
canonical
opensuse
mozilla
|
ubuntu_linux
opensuse
firefox
|
The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to …
|
CWE-200
Information Exposure
|
CVE-2015-0834
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280613
|
- |
|
opensuse
mozilla
|
evergreen
opensuse
firefox
thunderbird
firefox_esr
|
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not…
|
NVD-CWE-Other
|
CVE-2015-0833
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280614
|
- |
|
opensuse
canonical
mozilla
|
opensuse
ubuntu_linux
firefox
|
Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and …
|
CWE-254
7PK - Security Features
|
CVE-2015-0832
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280615
|
- |
|
mozilla
redhat
canonical
|
thunderbird
firefox
firefox_esr
enterprise_linux
ubuntu_linux
|
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remo…
|
NVD-CWE-Other
|
CVE-2015-0831
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280616
|
- |
|
canonical
mozilla
opensuse
|
ubuntu_linux
firefox
opensuse
|
The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote attackers to cause a den…
|
CWE-399
Resource Management Errors
|
CVE-2015-0830
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280617
|
- |
|
canonical
opensuse
mozilla
oracle
|
ubuntu_linux
opensuse
firefox
solaris
|
Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0829
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280618
|
- |
|
oracle
mozilla
opensuse
|
solaris
firefox
opensuse
|
Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code …
|
NVD-CWE-Other
|
CVE-2015-0828
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280619
|
- |
|
mozilla
|
firefox
firefox_esr
thunderbird
|
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0827
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280620
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0826
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
