Mozilla

Firefox

2867 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2012-1965

  • EPSS 1.22%
  • Published 18.07.2012 10:26:49
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascr...

4.3

CVE-2012-1966

  • EPSS 1.35%
  • Published 18.07.2012 10:26:49
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

10

CVE-2012-1967

  • EPSS 3.4%
  • Published 18.07.2012 10:26:49
  • Last modified 11.04.2025 00:51:21

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to e...

9.3

CVE-2012-1948

  • EPSS 3.75%
  • Published 18.07.2012 10:26:48
  • Last modified 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to caus...

9.3

CVE-2012-1949

  • EPSS 3.75%
  • Published 18.07.2012 10:26:48
  • Last modified 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or p...

6.4

CVE-2012-1950

  • EPSS 2.28%
  • Published 18.07.2012 10:26:48
  • Last modified 11.04.2025 00:51:21

The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.

10

CVE-2012-1951

  • EPSS 3.4%
  • Published 18.07.2012 10:26:48
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows rem...

9.3

CVE-2012-1952

  • EPSS 1.56%
  • Published 18.07.2012 10:26:48
  • Last modified 11.04.2025 00:51:21

The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame varia...

9.3

CVE-2012-1953

  • EPSS 1.72%
  • Published 18.07.2012 10:26:48
  • Last modified 11.04.2025 00:51:21

The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a den...

10

CVE-2012-1954

  • EPSS 3.4%
  • Published 18.07.2012 10:26:48
  • Last modified 11.04.2025 00:51:21

Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attacker...