Mozilla

Firefox

2867 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2014-1542

  • EPSS 4.72%
  • Veröffentlicht 11.06.2014 10:57:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.

7.5

CVE-2014-1543

  • EPSS 3.4%
  • Veröffentlicht 11.06.2014 10:57:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad devi...

10

CVE-2014-1533

  • EPSS 3.24%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss...

10

CVE-2014-1534

  • EPSS 3.24%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10

CVE-2014-1536

  • EPSS 1.36%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.

10

CVE-2014-1537

  • EPSS 3.33%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

10

CVE-2014-1538

  • EPSS 3.65%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap m...

5

CVE-2014-1539

  • EPSS 0.75%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript...

9.3

CVE-2014-1540

  • EPSS 0.88%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory ...

10

CVE-2014-1541

  • EPSS 1.1%
  • Veröffentlicht 11.06.2014 10:57:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code o...