Mozilla

Firefox

2867 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2009-2044

Exploit
  • EPSS 5.05%
  • Veröffentlicht 12.06.2009 21:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.

5

CVE-2009-1827

Exploit
  • EPSS 13.02%
  • Veröffentlicht 29.05.2009 20:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause a denial of service (application hang) via a large value in the r (aka Radius) attribute of a circle element, related to an "unclamped loop."

5

CVE-2009-1828

Exploit
  • EPSS 19.5%
  • Veröffentlicht 29.05.2009 20:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in conjunction with (1) a META element specifying automatic page refresh or (2) a JavaScript on...

9.3

CVE-2009-1597

Exploit
  • EPSS 0.25%
  • Veröffentlicht 11.05.2009 15:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions...

9.3

CVE-2009-1313

  • EPSS 37.93%
  • Veröffentlicht 30.04.2009 21:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this ...

5

CVE-2009-1302

Exploit
  • EPSS 3.28%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1...

5

CVE-2009-1303

  • EPSS 2.08%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGE...

5

CVE-2009-1304

Exploit
  • EPSS 5.02%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving ...

5

CVE-2009-1305

Exploit
  • EPSS 3.52%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP...

4.3

CVE-2009-1306

  • EPSS 1.36%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other at...