Mozilla

Firefox

2920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.2

CVE-2013-1726

  • EPSS 0.11%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain pr...

4

CVE-2013-1727

  • EPSS 2.24%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a l...

4.3

CVE-2013-1728

  • EPSS 0.77%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive inform...

2.6

CVE-2013-1729

  • EPSS 0.43%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element.

6.8

CVE-2013-1730

  • EPSS 0.73%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers t...

6.8

CVE-2013-1731

  • EPSS 1%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.

9.3

CVE-2013-1732

  • EPSS 33.16%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbi...

9.3

CVE-2013-1735

  • EPSS 4.5%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attac...

10

CVE-2013-1736

  • EPSS 3.73%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or caus...

5

CVE-2013-1737

  • EPSS 0.42%
  • Veröffentlicht 18.09.2013 10:08:24
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, w...