CVE-2009-3375
- EPSS 1.67%
- Veröffentlicht 29.10.2009 14:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:29
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection fu...
CVE-2009-3376
- EPSS 3.18%
- Veröffentlicht 29.10.2009 14:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:29
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via...
CVE-2009-3274
- EPSS 0.29%
- Veröffentlicht 21.09.2009 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:17
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary dow...
- EPSS 4.47%
- Veröffentlicht 18.09.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:03:54
Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
- EPSS 3.73%
- Veröffentlicht 10.09.2009 21:30:01
- Zuletzt bearbeitet 16.06.2026 23:10:50
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
- EPSS 5.45%
- Veröffentlicht 10.09.2009 21:30:01
- Zuletzt bearbeitet 16.06.2026 23:10:51
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
- EPSS 5.45%
- Veröffentlicht 10.09.2009 21:30:01
- Zuletzt bearbeitet 16.06.2026 23:10:52
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via ...
- EPSS 5.27%
- Veröffentlicht 10.09.2009 21:30:01
- Zuletzt bearbeitet 16.06.2026 23:10:52
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and ap...
- EPSS 4.64%
- Veröffentlicht 10.09.2009 21:30:01
- Zuletzt bearbeitet 16.06.2026 23:10:52
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
- EPSS 5.45%
- Veröffentlicht 10.09.2009 21:30:01
- Zuletzt bearbeitet 16.06.2026 23:10:52
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.