Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.14%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:10

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.

  • EPSS 2.27%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:12

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEnti...

  • EPSS 1.52%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:24

The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or...

  • EPSS 2.55%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:25

Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.

  • EPSS 2.3%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:25

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.

  • EPSS 2.09%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:25

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-contr...

  • EPSS 1.66%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:25

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL th...

  • EPSS 2.22%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:26

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent ...

  • EPSS 2.21%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:26

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms s...

  • EPSS 1.86%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:26

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to a...