CVE-2009-2472
- EPSS 0.7%
- Veröffentlicht 22.07.2009 18:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, re...
CVE-2009-1186
- EPSS 0.09%
- Veröffentlicht 17.04.2009 14:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
CVE-2009-1185
- EPSS 89.27%
- Veröffentlicht 17.04.2009 14:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
CVE-2008-5021
- EPSS 25.26%
- Veröffentlicht 13.11.2008 11:30:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying pr...