Mozilla

Thunderbird

1542 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-1952

  • EPSS 0.61%
  • Veröffentlicht 13.03.2016 18:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

8.1

CVE-2016-1526

  • EPSS 0.52%
  • Veröffentlicht 13.02.2016 02:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive inform...

6.5

CVE-2016-1523

  • EPSS 0.84%
  • Veröffentlicht 13.02.2016 02:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (mis...

9.3

CVE-2016-1522

Exploit
  • EPSS 1.86%
  • Veröffentlicht 13.02.2016 02:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based...

8.8

CVE-2016-1521

  • EPSS 0.75%
  • Veröffentlicht 13.02.2016 02:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary ...

10

CVE-2015-2740

  • EPSS 5.45%
  • Veröffentlicht 06.07.2015 02:01:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have un...

10

CVE-2015-2738

  • EPSS 0.95%
  • Veröffentlicht 06.07.2015 02:01:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, wh...

10

CVE-2015-2739

  • EPSS 0.75%
  • Veröffentlicht 06.07.2015 02:01:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.

10

CVE-2015-2737

  • EPSS 0.95%
  • Veröffentlicht 06.07.2015 02:01:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecifi...

9.3

CVE-2015-2736

  • EPSS 2.04%
  • Veröffentlicht 06.07.2015 02:01:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact ...