Mozilla

Firefox

2920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2010-2755

  • EPSS 10.16%
  • Veröffentlicht 30.07.2010 13:26:18
  • Zuletzt bearbeitet 11.04.2025 00:51:21

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via...

9.8

CVE-2010-1205

Exploit
  • EPSS 16.78%
  • Veröffentlicht 30.06.2010 18:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

4.3

CVE-2010-1206

Exploit
  • EPSS 0.48%
  • Veröffentlicht 25.06.2010 19:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the ab...

9.3

CVE-2010-0183

  • EPSS 3.92%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame con...

9.3

CVE-2010-1196

  • EPSS 5.23%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM nod...

4.3

CVE-2010-1197

  • EPSS 1%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote...

9.3

CVE-2010-1198

  • EPSS 6.29%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.

9.3

CVE-2010-1199

  • EPSS 46.74%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for ...

9.3

CVE-2010-1200

  • EPSS 6.22%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and ...

9.3

CVE-2010-1201

Exploit
  • EPSS 4.59%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex...