|
277611
|
- |
|
mozilla
|
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
NVD-CWE-noinfo
|
CVE-2015-0814
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277612
|
- |
|
mozilla
|
firefox
firefox_esr
thunderbird
|
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStream…
|
NVD-CWE-Other
|
CVE-2015-0813
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277613
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement …
|
CWE-17
Code
|
CVE-2015-0812
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277614
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0811
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277615
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements assoc…
|
CWE-20
Improper Input Validation
|
CVE-2015-0810
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277616
|
- |
|
opensuse
canonical
mozilla
|
opensuse
ubuntu_linux
firefox
|
The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which m…
|
CWE-17
Code
|
CVE-2015-0808
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277617
|
- |
|
mozilla
|
firefox_esr
firefox
thunderbird
|
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight reque…
|
CWE-352
Origin Validation Error
|
CVE-2015-0807
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277618
|
- |
|
canonical
mozilla
opensuse
|
ubuntu_linux
firefox
opensuse
|
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferT…
|
CWE-17
Code
|
CVE-2015-0806
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277619
|
- |
|
opensuse
mozilla
canonical
|
opensuse
firefox
ubuntu_linux
|
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurfac…
|
CWE-17
Code
|
CVE-2015-0805
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277620
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0804
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
