CVE-2010-3174
- EPSS 2.99%
- Veröffentlicht 21.10.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:18
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex...
CVE-2010-3175
- EPSS 3.73%
- Veröffentlicht 21.10.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:18
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb...
CVE-2010-3176
- EPSS 4.55%
- Veröffentlicht 21.10.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:18
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service...
CVE-2010-3171
- EPSS 4.46%
- Veröffentlicht 15.09.2010 20:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:17
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attac...
CVE-2010-3399
- EPSS 1.91%
- Veröffentlicht 15.09.2010 20:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:41
The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which ...
CVE-2010-3400
- EPSS 1.41%
- Veröffentlicht 15.09.2010 20:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:42
The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote at...
CVE-2010-2760
- EPSS 3.95%
- Veröffentlicht 09.09.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:21:27
Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code v...
CVE-2010-2762
- EPSS 2.02%
- Veröffentlicht 09.09.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:21:27
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attacker...
CVE-2010-2763
- EPSS 1.59%
- Veröffentlicht 09.09.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:21:27
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers ...
CVE-2010-2764
- EPSS 2%
- Veröffentlicht 09.09.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:21:27
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers...