Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-25 | CVE-2015-0829 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback. | 6.8 |
| 2015-02-25 | CVE-2015-0826 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation. | 6.8 |
| 2015-02-25 | CVE-2015-0825 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback. | 4.3 |
| 2015-02-25 | CVE-2015-0824 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing. | 5.0 |
| 2015-02-25 | CVE-2015-0821 | Permissions, Privileges, and Access Controls vulnerability in multiple products Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. | 6.8 |
| 2015-02-25 | CVE-2015-0819 | Data Processing Errors vulnerability in multiple products The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site. | 4.3 |
| 2015-02-24 | CVE-2015-1572 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. | 4.6 |
| 2015-02-24 | CVE-2013-7423 | Code vulnerability in multiple products The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function. | 5.0 |
| 2015-02-19 | CVE-2014-9679 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Cups Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow. | 6.8 |
| 2015-02-17 | CVE-2015-0247 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image. | 4.6 |