rpm package

suse/MozillaFirefox&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (409)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2016-1930	Cri	9.8	< 38.6.0esr-57.3	38.6.0esr-57.3	Jan 31, 2016	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-7222		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash)
CVE-2015-7214		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.
CVE-2015-7213		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a
CVE-2015-7212		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.
CVE-2015-7210		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.
CVE-2015-7205		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a cr
CVE-2015-7202		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-7201		—	< 38.5.0esr-54.1	38.5.0esr-54.1	Dec 16, 2015	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2016-1930CriJan 31, 2016
affected < 38.6.0esr-57.3fixed 38.6.0esr-57.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-7222Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash)
CVE-2015-7214Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.
CVE-2015-7213Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a
CVE-2015-7212Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.
CVE-2015-7210Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.
CVE-2015-7205Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a cr
CVE-2015-7202Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2015-7201Dec 16, 2015
affected < 38.5.0esr-54.1fixed 38.5.0esr-54.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Page 21 of 21