Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.96%
  • Veröffentlicht 30.07.2010 20:30:01
  • Zuletzt bearbeitet 16.06.2026 23:17:51

The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows r...

  • EPSS 7.59%
  • Veröffentlicht 30.07.2010 20:30:01
  • Zuletzt bearbeitet 16.06.2026 23:17:52

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.

  • EPSS 1.49%
  • Veröffentlicht 30.07.2010 20:30:01
  • Zuletzt bearbeitet 16.06.2026 23:17:52

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrom...

  • EPSS 1.07%
  • Veröffentlicht 30.07.2010 13:26:18
  • Zuletzt bearbeitet 16.06.2026 23:21:26

dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving...

  • EPSS 4.13%
  • Veröffentlicht 30.07.2010 13:26:18
  • Zuletzt bearbeitet 16.06.2026 23:21:26

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via...

Exploit
  • EPSS 43.38%
  • Veröffentlicht 30.06.2010 18:30:01
  • Zuletzt bearbeitet 16.06.2026 23:17:50

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

Exploit
  • EPSS 1.1%
  • Veröffentlicht 25.06.2010 19:30:01
  • Zuletzt bearbeitet 16.06.2026 23:17:51

The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the ab...

  • EPSS 3.95%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 16.06.2026 23:15:39

Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame con...

  • EPSS 4.88%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 16.06.2026 23:17:48

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM nod...

  • EPSS 2.07%
  • Veröffentlicht 24.06.2010 12:30:01
  • Zuletzt bearbeitet 16.06.2026 23:17:49

Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote...