Mozilla

Firefox

2920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8

CVE-2008-7293

  • EPSS 0.59%
  • Veröffentlicht 09.08.2011 19:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack o...

5

CVE-2011-2362

  • EPSS 1.23%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Se...

10

CVE-2011-2363

  • EPSS 2.45%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial ...

10

CVE-2011-2364

  • EPSS 2.06%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...

10

CVE-2011-2365

  • EPSS 1.85%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...

6.4

CVE-2011-2367

  • EPSS 0.68%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service...

10

CVE-2011-2368

  • EPSS 4.63%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

4.3

CVE-2011-2369

  • EPSS 0.26%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.

5

CVE-2011-2370

  • EPSS 0.31%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.

10

CVE-2011-2371

  • EPSS 87%
  • Veröffentlicht 30.06.2011 16:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript...