Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.19%
  • Veröffentlicht 05.04.2010 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:15:39

The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows...

  • EPSS 2.02%
  • Veröffentlicht 26.03.2010 20:30:00
  • Zuletzt bearbeitet 16.06.2026 23:17:33

The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visi...

  • EPSS 2.84%
  • Veröffentlicht 25.03.2010 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:17:33

Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a d...

  • EPSS 5.77%
  • Veröffentlicht 25.03.2010 21:00:01
  • Zuletzt bearbeitet 16.06.2026 23:17:33

Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involv...

Exploit
  • EPSS 5.72%
  • Veröffentlicht 25.03.2010 21:00:00
  • Zuletzt bearbeitet 16.06.2026 23:15:36

Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application cras...

  • EPSS 3.76%
  • Veröffentlicht 25.03.2010 21:00:00
  • Zuletzt bearbeitet 16.06.2026 23:15:36

The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitr...

  • EPSS 6.76%
  • Veröffentlicht 25.03.2010 21:00:00
  • Zuletzt bearbeitet 16.06.2026 23:15:36

The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers...

  • EPSS 10.51%
  • Veröffentlicht 25.03.2010 21:00:00
  • Zuletzt bearbeitet 16.06.2026 23:15:36

The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash)...

  • EPSS 12.41%
  • Veröffentlicht 25.03.2010 21:00:00
  • Zuletzt bearbeitet 16.06.2026 23:15:36

The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow ...

  • EPSS 1.69%
  • Veröffentlicht 25.03.2010 21:00:00
  • Zuletzt bearbeitet 16.06.2026 23:15:37

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings i...