rpm package

suse/MozillaFirefox&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (409)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-2821	Hig	7.5	< 45.2.0esr-75.2	45.2.0esr-75.2	Jun 13, 2016	Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by trigge
CVE-2016-2819	Hig	8.8	< 45.2.0esr-75.2	45.2.0esr-75.2	Jun 13, 2016	Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
CVE-2016-2818	Hig	8.8	< 45.2.0esr-75.2	45.2.0esr-75.2	Jun 13, 2016	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2815	Hig	8.8	< 45.2.0esr-75.2	45.2.0esr-75.2	Jun 13, 2016	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2814	Hig	8.8	< 38.8.0esr-66.2	38.8.0esr-66.2	Apr 30, 2016	Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets tha
CVE-2016-2808	Hig	7.5	< 38.8.0esr-66.2	38.8.0esr-66.2	Apr 30, 2016	The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write
CVE-2016-2807	Hig	8.8	< 38.8.0esr-66.2	38.8.0esr-66.2	Apr 30, 2016	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary co
CVE-2016-2805	Hig	8.8	< 38.8.0esr-66.2	38.8.0esr-66.2	Apr 30, 2016	Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2802	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a
CVE-2016-2801	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other imp
CVE-2016-2800	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted G
CVE-2016-2799	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Gr
CVE-2016-2798	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted
CVE-2016-2797	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a craft
CVE-2016-2796	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a
CVE-2016-2795	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly
CVE-2016-2794	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via
CVE-2016-2793	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVE-2016-2792	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted G
CVE-2016-2791	Hig	8.8	< 38.7.0esr-63.3	38.7.0esr-63.3	Mar 13, 2016	The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite

CVE-2016-2821HigJun 13, 2016
affected < 45.2.0esr-75.2fixed 45.2.0esr-75.2
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by trigge
CVE-2016-2819HigJun 13, 2016
affected < 45.2.0esr-75.2fixed 45.2.0esr-75.2
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
CVE-2016-2818HigJun 13, 2016
affected < 45.2.0esr-75.2fixed 45.2.0esr-75.2
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2815HigJun 13, 2016
affected < 45.2.0esr-75.2fixed 45.2.0esr-75.2
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2814HigApr 30, 2016
affected < 38.8.0esr-66.2fixed 38.8.0esr-66.2
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets tha
CVE-2016-2808HigApr 30, 2016
affected < 38.8.0esr-66.2fixed 38.8.0esr-66.2
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write
CVE-2016-2807HigApr 30, 2016
affected < 38.8.0esr-66.2fixed 38.8.0esr-66.2
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary co
CVE-2016-2805HigApr 30, 2016
affected < 38.8.0esr-66.2fixed 38.8.0esr-66.2
Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2016-2802HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a
CVE-2016-2801HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other imp
CVE-2016-2800HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted G
CVE-2016-2799HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Gr
CVE-2016-2798HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted
CVE-2016-2797HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a craft
CVE-2016-2796HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a
CVE-2016-2795HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly
CVE-2016-2794HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via
CVE-2016-2793HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVE-2016-2792HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted G
CVE-2016-2791HigMar 13, 2016
affected < 38.7.0esr-63.3fixed 38.7.0esr-63.3
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite

Page 19 of 21