CVE-2016-5280
- EPSS 5.04%
- Veröffentlicht 22.09.2016 22:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirec...
CVE-2016-5279
- EPSS 1.38%
- Veröffentlicht 22.09.2016 22:59:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.
CVE-2016-5278
- EPSS 4.16%
- Veröffentlicht 22.09.2016 22:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled ...
CVE-2016-5277
- EPSS 4.01%
- Veröffentlicht 22.09.2016 22:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrup...
CVE-2016-5276
- EPSS 4.01%
- Veröffentlicht 22.09.2016 22:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denia...
CVE-2016-5275
- EPSS 3.12%
- Veröffentlicht 22.09.2016 22:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rende...
CVE-2016-5274
- EPSS 4.09%
- Veröffentlicht 22.09.2016 22:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction b...
CVE-2016-5273
- EPSS 1.8%
- Veröffentlicht 22.09.2016 22:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.
CVE-2016-5272
- EPSS 2.24%
- Veröffentlicht 22.09.2016 22:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execut...
CVE-2016-5271
- EPSS 1.42%
- Veröffentlicht 22.09.2016 22:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style S...