Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 13.23%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:30

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb...

  • EPSS 5.41%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:30

Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cp...

Exploit
  • EPSS 6.62%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:30

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2...

  • EPSS 5.42%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:30

Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash ...

  • EPSS 6.33%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:30

Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ...

  • EPSS 5.56%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:31

Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or ...

  • EPSS 3.73%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:31

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.

  • EPSS 2.24%
  • Veröffentlicht 22.07.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:31

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, re...

  • EPSS 9.4%
  • Veröffentlicht 20.07.2009 18:30:01
  • Zuletzt bearbeitet 16.06.2026 23:09:39

Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a re...

Exploit
  • EPSS 7.81%
  • Veröffentlicht 16.07.2009 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:32

Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."