Mozilla

Firefox

2920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2008-4059

  • EPSS 1.72%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.

7.5

CVE-2008-4060

  • EPSS 2.02%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vector...

10

CVE-2008-4061

  • EPSS 3.9%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) ...

10

CVE-2008-4062

  • EPSS 2.91%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or po...

9.3

CVE-2008-4063

  • EPSS 2.89%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1)...

10

CVE-2008-4064

  • EPSS 2.29%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1...

4.3

CVE-2008-4065

Exploit
  • EPSS 1.34%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) charact...

4.3

CVE-2008-4066

Exploit
  • EPSS 1.2%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as...

4.3

CVE-2008-4067

Exploit
  • EPSS 2.06%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) ...

7.8

CVE-2008-4068

  • EPSS 0.27%
  • Veröffentlicht 24.09.2008 20:37:04
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive inf...