Mozilla

Firefox

2867 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.6

CVE-2009-0071

Exploit
  • EPSS 5.85%
  • Published 08.01.2009 19:30:11
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a ...

5

CVE-2008-5715

  • EPSS 8.29%
  • Published 24.12.2008 18:29:15
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported that earlier versions ...

10

CVE-2008-5500

  • EPSS 3.55%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via ve...

5

CVE-2008-5501

  • EPSS 4.54%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.

5

CVE-2008-5502

  • EPSS 3.77%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEnti...

2.6

CVE-2008-5503

  • EPSS 1.14%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or...

7.5

CVE-2008-5504

  • EPSS 3.7%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.

5

CVE-2008-5505

  • EPSS 0.83%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.

6.8

CVE-2008-5506

  • EPSS 1.24%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-contr...

6

CVE-2008-5507

  • EPSS 0.54%
  • Published 17.12.2008 23:30:00
  • Last modified 09.04.2025 00:30:58

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL th...