|
274831
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript co…
|
CWE-200
Information Exposure
|
CVE-2015-4519
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274832
|
- |
|
mozilla
|
firefox
|
NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have u…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4517
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274833
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript c…
|
CWE-254
7PK - Security Features
|
CVE-2015-4516
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274834
|
- |
|
mozilla
|
firefox
|
gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface disp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4512
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274835
|
- |
|
mozilla
|
firefox
|
Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted hea…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4511
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274836
|
- |
|
mozilla
|
firefox
|
Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and applicat…
|
CWE-362
NVD-CWE-Other
Race Condition
|
CVE-2015-4510
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274837
|
- |
|
mozilla
|
firefox
|
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript…
|
NVD-CWE-Other
|
CVE-2015-4509
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274838
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.
|
CWE-254
7PK - Security Features
|
CVE-2015-4508
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274839
|
- |
|
mozilla
|
firefox
|
The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion fai…
|
NVD-CWE-noinfo
|
CVE-2015-4507
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274840
|
- |
|
mozilla
|
firefox
|
Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4506
|
2024-11-21 11:31 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
