Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.27%
  • Veröffentlicht 10.09.2009 21:30:01
  • Zuletzt bearbeitet 16.06.2026 23:10:52

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and...

  • EPSS 6.72%
  • Veröffentlicht 10.09.2009 21:30:01
  • Zuletzt bearbeitet 16.06.2026 23:10:53

Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbit...

  • EPSS 4.62%
  • Veröffentlicht 10.09.2009 21:30:01
  • Zuletzt bearbeitet 16.06.2026 23:10:53

Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangl...

  • EPSS 2.25%
  • Veröffentlicht 10.09.2009 21:30:01
  • Zuletzt bearbeitet 16.06.2026 23:10:53

Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.

  • EPSS 3.87%
  • Veröffentlicht 10.09.2009 21:30:01
  • Zuletzt bearbeitet 16.06.2026 23:10:53

Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.

Exploit
  • EPSS 1.85%
  • Veröffentlicht 31.08.2009 16:30:06
  • Zuletzt bearbeitet 16.06.2026 23:10:43

Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting ...

Exploit
  • EPSS 0.83%
  • Veröffentlicht 31.08.2009 16:30:06
  • Zuletzt bearbeitet 16.06.2026 23:10:43

Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre does not properly block data: URIs in Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injec...

Exploit
  • EPSS 0.99%
  • Veröffentlicht 31.08.2009 16:30:06
  • Zuletzt bearbeitet 16.06.2026 23:10:43

Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows user-assisted re...

  • EPSS 0.64%
  • Veröffentlicht 28.08.2009 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:10:42

Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by ...

Exploit
  • EPSS 2.05%
  • Veröffentlicht 27.08.2009 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:10:38

Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external ap...