Mozilla

Thunderbird

1542 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-1952

  • EPSS 0.61%
  • Published 13.03.2016 18:59:01
  • Last modified 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

8.1

CVE-2016-1526

  • EPSS 0.52%
  • Published 13.02.2016 02:59:12
  • Last modified 12.04.2025 10:46:40

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive inform...

6.5

CVE-2016-1523

  • EPSS 0.84%
  • Published 13.02.2016 02:59:08
  • Last modified 12.04.2025 10:46:40

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (mis...

9.3

CVE-2016-1522

Exploit
  • EPSS 1.86%
  • Published 13.02.2016 02:59:07
  • Last modified 12.04.2025 10:46:40

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based...

8.8

CVE-2016-1521

  • EPSS 0.75%
  • Published 13.02.2016 02:59:06
  • Last modified 12.04.2025 10:46:40

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary ...

10

CVE-2015-2740

  • EPSS 5.45%
  • Published 06.07.2015 02:01:08
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have un...

10

CVE-2015-2738

  • EPSS 0.95%
  • Published 06.07.2015 02:01:07
  • Last modified 12.04.2025 10:46:40

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, wh...

10

CVE-2015-2739

  • EPSS 0.75%
  • Published 06.07.2015 02:01:07
  • Last modified 12.04.2025 10:46:40

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.

10

CVE-2015-2737

  • EPSS 0.95%
  • Published 06.07.2015 02:01:06
  • Last modified 12.04.2025 10:46:40

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecifi...

9.3

CVE-2015-2736

  • EPSS 2.04%
  • Published 06.07.2015 02:01:05
  • Last modified 12.04.2025 10:46:40

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact ...