CVE-2009-0772
- EPSS 3.72%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:46
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetO...
- EPSS 5.79%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:46
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some...
CVE-2009-0774
- EPSS 4.05%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:46
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different v...
- EPSS 4.71%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:47
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not...
CVE-2009-0776
- EPSS 1.6%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:47
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
CVE-2009-0777
- EPSS 1.5%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:47
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers...
- EPSS 5.29%
- Veröffentlicht 05.03.2009 02:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:53
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT elemen...
CVE-2009-0652
- EPSS 1.5%
- Veröffentlicht 20.02.2009 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:30
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs...
- EPSS 4.33%
- Veröffentlicht 04.02.2009 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:50
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbit...
- EPSS 4.33%
- Veröffentlicht 04.02.2009 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:50
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code ...