Mozilla

Thunderbird

1713 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2013-1692

  • EPSS 1.02%
  • Veröffentlicht 26.06.2013 03:19:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to ...

4.3

CVE-2013-1693

  • EPSS 0.62%
  • Veröffentlicht 26.06.2013 03:19:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy a...

7.5

CVE-2013-1694

  • EPSS 2.92%
  • Veröffentlicht 26.06.2013 03:19:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to caus...

9.3

CVE-2013-1697

  • EPSS 2.64%
  • Veröffentlicht 26.06.2013 03:19:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote atta...

10

CVE-2013-1681

  • EPSS 2.8%
  • Veröffentlicht 16.05.2013 11:45:31
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbi...

10

CVE-2013-0801

  • EPSS 1.56%
  • Veröffentlicht 16.05.2013 11:45:30
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory c...

4.3

CVE-2013-1670

  • EPSS 21.9%
  • Veröffentlicht 16.05.2013 11:45:30
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content...

6.9

CVE-2013-1672

  • EPSS 0.03%
  • Veröffentlicht 16.05.2013 11:45:30
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via v...

9.3

CVE-2013-1674

  • EPSS 4.48%
  • Veröffentlicht 16.05.2013 11:45:30
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event d...

6.5

CVE-2013-1675

Warnung Exploit
  • EPSS 7.95%
  • Veröffentlicht 16.05.2013 11:45:30
  • Zuletzt bearbeitet 22.04.2026 16:42:11

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale funct...