Mozilla

Firefox

3102 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2011-2598

Exploit
  • EPSS 0.11%
  • Veröffentlicht 30.06.2011 15:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.

4.3

CVE-2011-2366

Exploit
  • EPSS 0.61%
  • Veröffentlicht 30.06.2011 15:55:03
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack invo...

4.3

CVE-2011-0082

Exploit
  • EPSS 0.43%
  • Veröffentlicht 06.06.2011 19:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The X.509 certificate validation functionality in Mozilla Firefox 4.0.x through 4.0.1 does not properly implement single-session security exceptions, which might make it easier for user-assisted remote attackers to spoof an SSL server via an untruste...

10

CVE-2011-0066

  • EPSS 5.63%
  • Veröffentlicht 07.05.2011 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList.

5

CVE-2011-0067

Exploit
  • EPSS 0.52%
  • Veröffentlicht 07.05.2011 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the au...

10

CVE-2011-0069

Exploit
  • EPSS 4.13%
  • Veröffentlicht 07.05.2011 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory cor...

10

CVE-2011-0070

Exploit
  • EPSS 4.13%
  • Veröffentlicht 07.05.2011 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory cor...

5

CVE-2011-0071

Exploit
  • EPSS 1.67%
  • Veröffentlicht 07.05.2011 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load res...

10

CVE-2011-0072

  • EPSS 4.22%
  • Veröffentlicht 07.05.2011 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and applica...

10

CVE-2011-0073

  • EPSS 81.16%
  • Veröffentlicht 07.05.2011 18:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."