- EPSS 4.48%
- Veröffentlicht 18.08.2011 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:22
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and appl...
- EPSS 0.96%
- Veröffentlicht 18.08.2011 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:22
The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allow...
- EPSS 4.48%
- Veröffentlicht 18.08.2011 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:23
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and...
- EPSS 3.59%
- Veröffentlicht 18.08.2011 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:23
The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possi...
CVE-2008-7293
- EPSS 1.68%
- Veröffentlicht 09.08.2011 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:04:00
Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack o...
- EPSS 1.78%
- Veröffentlicht 30.06.2011 16:55:05
- Zuletzt bearbeitet 16.06.2026 23:31:10
Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Se...
- EPSS 5.77%
- Veröffentlicht 30.06.2011 16:55:05
- Zuletzt bearbeitet 16.06.2026 23:31:11
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial ...
- EPSS 5.46%
- Veröffentlicht 30.06.2011 16:55:05
- Zuletzt bearbeitet 16.06.2026 23:31:11
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...
- EPSS 5.66%
- Veröffentlicht 30.06.2011 16:55:05
- Zuletzt bearbeitet 16.06.2026 23:31:11
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...
CVE-2011-2367
- EPSS 1.79%
- Veröffentlicht 30.06.2011 16:55:05
- Zuletzt bearbeitet 16.06.2026 23:31:11
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service...