Mozilla

Firefox

2920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2012-4212

  • EPSS 2.16%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrupt...

9.3

CVE-2012-4213

Exploit
  • EPSS 2.87%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory cor...

9.3

CVE-2012-4214

Exploit
  • EPSS 4.32%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attac...

9.3

CVE-2012-4215

Exploit
  • EPSS 4.32%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote ...

9.3

CVE-2012-4216

Exploit
  • EPSS 6.39%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to exe...

9.3

CVE-2012-4217

Exploit
  • EPSS 2.87%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap ...

10

CVE-2012-4218

  • EPSS 2.16%
  • Veröffentlicht 21.11.2012 12:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service ...

4.3

CVE-2012-4201

Exploit
  • EPSS 2.61%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code...

9.3

CVE-2012-4202

  • EPSS 6.75%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attacker...

6.8

CVE-2012-4203

  • EPSS 2.47%
  • Veröffentlicht 21.11.2012 12:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.