Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.55%
  • Veröffentlicht 26.02.2007 20:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:16

GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot...

  • EPSS 2.49%
  • Veröffentlicht 26.02.2007 20:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:16

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked...

  • EPSS 1.14%
  • Veröffentlicht 26.02.2007 19:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:15

Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially e...

  • EPSS 6.74%
  • Veröffentlicht 26.02.2007 19:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:15

Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clip...

  • EPSS 7.56%
  • Veröffentlicht 26.02.2007 19:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:16

The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vect...

  • EPSS 2.13%
  • Veröffentlicht 26.02.2007 19:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:42

Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.

Exploit
  • EPSS 7.07%
  • Veröffentlicht 26.02.2007 17:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:55

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize h...

  • EPSS 2.19%
  • Veröffentlicht 26.02.2007 17:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:56

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site t...

  • EPSS 1.47%
  • Veröffentlicht 23.02.2007 02:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:54

Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of...

  • EPSS 1.21%
  • Veröffentlicht 20.02.2007 02:28:00
  • Zuletzt bearbeitet 16.06.2026 22:36:44

Mozilla Firefox might allow remote attackers to conduct spoofing and phishing attacks by writing to an about:blank tab and overlaying the location bar.