- EPSS 2.41%
- Veröffentlicht 18.07.2012 10:26:48
- Zuletzt bearbeitet 16.06.2026 23:40:40
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-c...
- EPSS 2.95%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:37:16
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey b...
CVE-2012-1937
- EPSS 4.74%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:36
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to caus...
CVE-2012-1939
- EPSS 3.16%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:36
jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly exec...
CVE-2012-1940
- EPSS 4.53%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:36
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attack...
CVE-2012-1941
- EPSS 4.85%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:36
Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 al...
CVE-2012-1944
- EPSS 1.85%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:37
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, wh...
CVE-2012-1945
- EPSS 0.46%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:37
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut...
CVE-2012-1946
- EPSS 4.45%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:37
Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow r...
CVE-2012-1947
- EPSS 4.67%
- Veröffentlicht 05.06.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:40:37
Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to ...