Mozilla

Firefox

2867 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2011-0054

  • EPSS 8.82%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvar...

10

CVE-2011-0055

  • EPSS 3.01%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to t...

10

CVE-2011-0056

  • EPSS 8.82%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string...

10

CVE-2011-0057

  • EPSS 3.79%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and gar...

10

CVE-2011-0058

  • EPSS 7.49%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers const...

6.8

CVE-2011-0059

  • EPSS 0.26%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugi...

9.3

CVE-2011-0061

  • EPSS 3.96%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.

10

CVE-2011-0062

  • EPSS 7.09%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb...

9.3

CVE-2010-3766

  • EPSS 6.7%
  • Veröffentlicht 10.12.2010 19:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.

9.3

CVE-2010-3767

  • EPSS 4.15%
  • Veröffentlicht 10.12.2010 19:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.