Mozilla

Firefox

2867 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2009-3978

  • EPSS 0.71%
  • Veröffentlicht 19.11.2009 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a la...

10

CVE-2009-3377

  • EPSS 8.22%
  • Veröffentlicht 29.10.2009 14:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

9.3

CVE-2009-3378

  • EPSS 3.67%
  • Veröffentlicht 29.10.2009 14:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the...

10

CVE-2009-3379

  • EPSS 5.15%
  • Veröffentlicht 29.10.2009 14:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overla...

10

CVE-2009-3380

  • EPSS 3.35%
  • Veröffentlicht 29.10.2009 14:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ...

10

CVE-2009-3381

  • EPSS 6.19%
  • Veröffentlicht 29.10.2009 14:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10

CVE-2009-3382

  • EPSS 18.23%
  • Veröffentlicht 29.10.2009 14:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or p...

10

CVE-2009-3383

  • EPSS 6.62%
  • Veröffentlicht 29.10.2009 14:30:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

5

CVE-2009-3370

  • EPSS 0.56%
  • Veröffentlicht 29.10.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.

10

CVE-2009-3371

Exploit
  • EPSS 3.18%
  • Veröffentlicht 29.10.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.