Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.63%
  • Veröffentlicht 24.08.2009 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:10:35

Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.

  • EPSS 1.99%
  • Veröffentlicht 04.08.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:31

Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.

  • EPSS 4.94%
  • Veröffentlicht 04.08.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:56

The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in ...

  • EPSS 2.72%
  • Veröffentlicht 04.08.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:56

libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg...

  • EPSS 2.8%
  • Veröffentlicht 04.08.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:57

The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted ...

  • EPSS 2.53%
  • Veröffentlicht 04.08.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:57

The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when certain add-ons are enabled, does not properly handle a Link HTTP header, which allows remote attackers to execute arbitrary...

Exploit
  • EPSS 4.75%
  • Veröffentlicht 03.08.2009 14:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:55

Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write c...

Medienbericht
  • EPSS 5.74%
  • Veröffentlicht 30.07.2009 19:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:22

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certif...

  • EPSS 5.41%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:29

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synch...

  • EPSS 6.43%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:30

Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a deni...