Mozilla

Thunderbird

1660 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2016-1523

  • EPSS 1.34%
  • Veröffentlicht 13.02.2016 02:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (mis...

9.3

CVE-2016-1522

Exploit
  • EPSS 2.42%
  • Veröffentlicht 13.02.2016 02:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based...

8.8

CVE-2016-1521

  • EPSS 0.85%
  • Veröffentlicht 13.02.2016 02:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary ...

10

CVE-2015-2740

  • EPSS 3.49%
  • Veröffentlicht 06.07.2015 02:01:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have un...

10

CVE-2015-2738

  • EPSS 1.25%
  • Veröffentlicht 06.07.2015 02:01:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, wh...

10

CVE-2015-2739

  • EPSS 1.05%
  • Veröffentlicht 06.07.2015 02:01:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.

10

CVE-2015-2737

  • EPSS 1.25%
  • Veröffentlicht 06.07.2015 02:01:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecifi...

9.3

CVE-2015-2736

  • EPSS 1.19%
  • Veröffentlicht 06.07.2015 02:01:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact ...

9.3

CVE-2015-2735

  • EPSS 1.19%
  • Veröffentlicht 06.07.2015 02:01:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archiv...

10

CVE-2015-2734

  • EPSS 1.25%
  • Veröffentlicht 06.07.2015 02:01:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, whic...