Mozilla

Firefox

2867 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2008-1240

  • EPSS 5.59%
  • Veröffentlicht 28.03.2008 01:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 does not properly parse the content origin for jar: URIs before sending them to the Java plugin, which allows remote attackers to access arbitrary ports on the local machine. ...

6.8

CVE-2008-1233

  • EPSS 22.23%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."

4.3

CVE-2008-1234

  • EPSS 8.25%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event han...

9.3

CVE-2008-1235

  • EPSS 19.12%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka...

6.8

CVE-2008-1236

  • EPSS 28.84%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat...

6.8

CVE-2008-1237

  • EPSS 28.84%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat...

5

CVE-2008-1238

Exploit
  • EPSS 6.24%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypa...

4.3

CVE-2008-1241

  • EPSS 3.83%
  • Veröffentlicht 27.03.2008 10:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.

4.3

CVE-2008-0416

  • EPSS 6.63%
  • Veröffentlicht 12.02.2008 03:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including ...

9.3

CVE-2008-0420

  • EPSS 2.1%
  • Veröffentlicht 12.02.2008 03:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to re...