Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.74%
  • Veröffentlicht 11.05.2009 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:36

Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions...

  • EPSS 8.39%
  • Veröffentlicht 30.04.2009 21:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:00

The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this ...

Exploit
  • EPSS 2.9%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:58

The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1...

  • EPSS 1.76%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:59

The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGE...

Exploit
  • EPSS 2.1%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:59

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving ...

Exploit
  • EPSS 1.95%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:59

The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP...

  • EPSS 1.33%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:59

The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other at...

  • EPSS 2.18%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:59

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web ...

Exploit
  • EPSS 2.29%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:59

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in ...

  • EPSS 1.35%
  • Veröffentlicht 22.04.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:07:00

Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ sco...