rpm package
suse/firefox-fontconfig&distro=SUSE Linux Enterprise Server 11 SP2-LTSS
pkg:rpm/suse/firefox-fontconfig&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-2821 | Hig | 7.5 | < 2.11.0-4.2 | 2.11.0-4.2 | Jun 13, 2016 | Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by trigge | |
| CVE-2016-2819 | Hig | 8.8 | < 2.11.0-4.2 | 2.11.0-4.2 | Jun 13, 2016 | Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element. | |
| CVE-2016-2818 | Hig | 8.8 | < 2.11.0-4.2 | 2.11.0-4.2 | Jun 13, 2016 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |
| CVE-2016-2815 | Hig | 8.8 | < 2.11.0-4.2 | 2.11.0-4.2 | Jun 13, 2016 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
- affected < 2.11.0-4.2fixed 2.11.0-4.2
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by trigge
- affected < 2.11.0-4.2fixed 2.11.0-4.2
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
- affected < 2.11.0-4.2fixed 2.11.0-4.2
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
- affected < 2.11.0-4.2fixed 2.11.0-4.2
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Page 2 of 2