Mozilla

Thunderbird

1542 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2014-1497

Exploit
  • EPSS 0.5%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause...

7.5

CVE-2014-1505

Exploit
  • EPSS 0.54%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the S...

9.1

CVE-2014-1508

Exploit
  • EPSS 0.99%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of...

8.8

CVE-2014-1509

Exploit
  • EPSS 0.81%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a ...

9.8

CVE-2014-1510

Exploit
  • EPSS 77.56%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment t...

9.8

CVE-2014-1511

Exploit
  • EPSS 75.96%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.

10

CVE-2014-1512

Exploit
  • EPSS 17.91%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by trigge...

9.3

CVE-2014-1513

Exploit
  • EPSS 2.03%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to exec...

9.8

CVE-2014-1514

Exploit
  • EPSS 4.17%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to ex...

4.3

CVE-2014-2018

  • EPSS 0.73%
  • Veröffentlicht 17.02.2014 22:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message co...