Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.43%
  • Veröffentlicht 21.10.2007 19:17:00
  • Zuletzt bearbeitet 16.06.2026 22:45:55

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.

  • EPSS 1.01%
  • Veröffentlicht 14.10.2007 19:17:00
  • Zuletzt bearbeitet 16.06.2026 22:46:11

Cross-site scripting (XSS) vulnerability in the sidebar HTML page in the MouseoverDictionary before 0.6.2 extension for Mozilla Firefox allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • EPSS 0.9%
  • Veröffentlicht 12.10.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:46:04

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses single quote characters to de...

  • EPSS 0.74%
  • Veröffentlicht 12.10.2007 21:17:00
  • Zuletzt bearbeitet 16.06.2026 22:46:05

Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' (slash) characters to delimit a ...

  • EPSS 3.45%
  • Veröffentlicht 24.09.2007 00:17:00
  • Zuletzt bearbeitet 16.06.2026 22:45:20

Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with Mozilla Firefox before 2.0.0.7 installed, allows remote attackers to execute arbitrary commands via a QuickTime Media Link (QTL) file with an embed XM...

  • EPSS 1.27%
  • Veröffentlicht 13.09.2007 18:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:55

Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web site...

  • EPSS 2.65%
  • Veröffentlicht 12.09.2007 20:17:00
  • Zuletzt bearbeitet 16.06.2026 22:44:53

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file ty...

Exploit
  • EPSS 1.33%
  • Veröffentlicht 15.08.2007 00:17:00
  • Zuletzt bearbeitet 16.06.2026 22:43:54

Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended...

Exploit
  • EPSS 5.45%
  • Veröffentlicht 08.08.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:42:52

Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an a...

  • EPSS 5.7%
  • Veröffentlicht 08.08.2007 01:17:00
  • Zuletzt bearbeitet 16.06.2026 22:42:52

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the fi...