Mozilla

Firefox

2867 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.6

CVE-2013-1729

  • EPSS 0.43%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element.

6.8

CVE-2013-1730

  • EPSS 0.73%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers t...

6.8

CVE-2013-1731

  • EPSS 1%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.

9.3

CVE-2013-1732

  • EPSS 33.16%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbi...

9.3

CVE-2013-1735

  • EPSS 4.5%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attac...

10

CVE-2013-1736

  • EPSS 3.73%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or caus...

5

CVE-2013-1737

  • EPSS 0.42%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, w...

9.3

CVE-2013-1738

  • EPSS 3.36%
  • Published 18.09.2013 10:08:24
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in ...

10

CVE-2013-1718

  • EPSS 1.56%
  • Published 18.09.2013 10:08:22
  • Last modified 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial...

5.4

CVE-2013-1717

  • EPSS 0.57%
  • Published 07.08.2013 01:55:05
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote ...