Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.81%
  • Veröffentlicht 29.08.2012 10:56:39
  • Zuletzt bearbeitet 16.06.2026 23:40:42

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex...

  • EPSS 5.57%
  • Veröffentlicht 29.08.2012 10:56:39
  • Zuletzt bearbeitet 16.06.2026 23:40:42

Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote ...

  • EPSS 5.57%
  • Veröffentlicht 29.08.2012 10:56:39
  • Zuletzt bearbeitet 16.06.2026 23:40:42

Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attac...

  • EPSS 2.12%
  • Veröffentlicht 18.07.2012 10:26:49
  • Zuletzt bearbeitet 16.06.2026 23:40:40

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier fo...

  • EPSS 5.59%
  • Veröffentlicht 18.07.2012 10:26:49
  • Zuletzt bearbeitet 16.06.2026 23:40:40

Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote at...

  • EPSS 1.61%
  • Veröffentlicht 18.07.2012 10:26:49
  • Zuletzt bearbeitet 16.06.2026 23:40:41

The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings pl...

  • EPSS 0.9%
  • Veröffentlicht 18.07.2012 10:26:49
  • Zuletzt bearbeitet 16.06.2026 23:40:41

The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey be...

  • EPSS 2.21%
  • Veröffentlicht 18.07.2012 10:26:49
  • Zuletzt bearbeitet 16.06.2026 23:40:41

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascr...

  • EPSS 2.19%
  • Veröffentlicht 18.07.2012 10:26:49
  • Zuletzt bearbeitet 16.06.2026 23:40:41

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

  • EPSS 4%
  • Veröffentlicht 18.07.2012 10:26:49
  • Zuletzt bearbeitet 16.06.2026 23:40:41

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to e...