Mozilla Firefox — свободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox

Вендор: mozilla

График релизов

Недавние уязвимости Mozilla Firefox

Количество 15 220

CVE-2010-0177

больше 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...

CVSS2: 9.3

EPSS: Низкий

CVE-2010-0176

больше 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."

CVSS2: 9.3

EPSS: Низкий

CVE-2010-0176

больше 15 лет назад

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...

CVSS2: 9.3

EPSS: Низкий

CVE-2010-0175

больше 15 лет назад

Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.

CVSS2: 9.3

EPSS: Низкий

CVE-2010-0175

больше 15 лет назад

Use-after-free vulnerability in the nsTreeSelection implementation in ...

CVSS2: 9.3

EPSS: Низкий

CVE-2010-0174

больше 15 лет назад

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS2: 10

EPSS: Низкий

CVE-2010-0174

больше 15 лет назад

Multiple unspecified vulnerabilities in the browser engine in Mozilla ...

CVSS2: 10

EPSS: Низкий

CVE-2010-0173

больше 15 лет назад

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS2: 9.3

EPSS: Низкий

CVE-2010-0173

больше 15 лет назад

Multiple unspecified vulnerabilities in the browser engine in Mozilla ...

CVSS2: 9.3

EPSS: Низкий

CVE-2010-0182

больше 15 лет назад

The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.

CVSS2: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2010-0177 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...	CVSS2: 9.3	7% Низкий	больше 15 лет назад
CVE-2010-0176 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."	CVSS2: 9.3	10% Низкий	больше 15 лет назад
CVE-2010-0176 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3. ...	CVSS2: 9.3	10% Низкий	больше 15 лет назад
CVE-2010-0175 Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.	CVSS2: 9.3	7% Низкий	больше 15 лет назад
CVE-2010-0175 Use-after-free vulnerability in the nsTreeSelection implementation in ...	CVSS2: 9.3	7% Низкий	больше 15 лет назад
CVE-2010-0174 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.	CVSS2: 10	4% Низкий	больше 15 лет назад
CVE-2010-0174 Multiple unspecified vulnerabilities in the browser engine in Mozilla ...	CVSS2: 10	4% Низкий	больше 15 лет назад
CVE-2010-0173 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.	CVSS2: 9.3	8% Низкий	больше 15 лет назад
CVE-2010-0173 Multiple unspecified vulnerabilities in the browser engine in Mozilla ...	CVSS2: 9.3	8% Низкий	больше 15 лет назад
CVE-2010-0182 The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.	CVSS2: 4.3	1% Низкий	больше 15 лет назад

Уязвимостей на страницу