|
211911
|
- |
|
mozilla
|
firefox
|
The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attacke…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7199
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211912
|
- |
|
mozilla
|
firefox
|
Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7198
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211913
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-conten…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7197
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211914
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) o…
|
CWE-17
Code
|
CVE-2015-7196
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211915
|
- |
|
mozilla
|
firefox
|
The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2015-7195
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211916
|
- |
|
mozilla
|
firefox
|
Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7194
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211917
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header m…
|
CWE-254
7PK - Security Features
|
CVE-2015-7193
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211918
|
- |
|
mozilla
|
firefox
|
The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (a…
|
CWE-17
Code
|
CVE-2015-7192
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211919
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallb…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7191
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211920
|
- |
|
mozilla
|
firefox
|
The Search feature in Mozilla Firefox before 42.0 on Android through 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with …
|
CWE-200
Information Exposure
|
CVE-2015-7190
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
