Mozilla

Firefox

2867 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2012-1940

  • EPSS 3.04%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attack...

9.3

CVE-2012-1941

  • EPSS 6.29%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 al...

7.2

CVE-2012-1942

  • EPSS 0.05%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allow local users to gain privileges by loading a DLL file in a privileged context.

6.9

CVE-2012-1943

  • EPSS 0.05%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allows local users to gain privileges via a Trojan horse wsock32.dll file in an application dire...

4.3

CVE-2012-1944

  • EPSS 0.7%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, wh...

2.9

CVE-2012-1945

  • EPSS 0.19%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut...

9.3

CVE-2012-1946

  • EPSS 1.45%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow r...

9.3

CVE-2012-1947

  • EPSS 5.79%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to ...

9.3

CVE-2012-3105

  • EPSS 3.22%
  • Veröffentlicht 05.06.2012 23:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not properly mitigate an unspe...

10

CVE-2011-3079

  • EPSS 0.83%
  • Veröffentlicht 01.05.2012 10:12:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.