Vulnerability & Exploit Database

Displaying entries 81 - 90 of 121406 in total

MFSA2017-24 Firefox: Security vulnerabilities fixed in Firefox 57 (CVE-2017-7836) Vulnerability

  • Severity: 4
  • Published: November 13, 2017

The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. Note: This attack requires an attacker have local system access and only affects OS X and Linux. W...

Microsoft CVE-2017-11788: Windows Search Denial of Service Vulnerability Vulnerability

  • Severity: 4
  • Published: November 13, 2017

A denial of service vulnerability exists when Windows Search improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. To exploit the vulnerability, the attacker could send specially crafted messages to the Windows Search service. Additionally, ...

Oracle Linux: CVE-2017-7826: ELSA-2017-3247 - firefox security update Vulnerability

  • Severity: 4
  • Published: November 13, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From VID-F78EAC48-C3D1-4666-8DE5-63CEEA25A578:

Mozilla Foundation reports:

CVE-2017-7828: Use-after-free...

Microsoft CVE-2017-11862: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: November 13, 2017

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...