Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.72%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:26:42

Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and gar...

  • EPSS 5.5%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:26:42

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers const...

  • EPSS 0.97%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:26:42

Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugi...

  • EPSS 4.7%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:26:43

Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.

  • EPSS 3.85%
  • Veröffentlicht 02.03.2011 20:00:01
  • Zuletzt bearbeitet 16.06.2026 23:26:43

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb...

  • EPSS 7%
  • Veröffentlicht 10.12.2010 19:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:28

Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.

  • EPSS 4.81%
  • Veröffentlicht 10.12.2010 19:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:29

Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.

  • EPSS 4.81%
  • Veröffentlicht 10.12.2010 19:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:29

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows...

  • EPSS 4.62%
  • Veröffentlicht 10.12.2010 19:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:29

The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers t...

  • EPSS 4.45%
  • Veröffentlicht 10.12.2010 19:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:29

Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2)...