Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2010-3181
Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 a ...
CVE-2010-3180
Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.
CVE-2010-3180
Use-after-free vulnerability in the nsBarProp function in Mozilla Fire ...
CVE-2010-3179
Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.
CVE-2010-3179
Stack-based buffer overflow in the text-rendering functionality in Moz ...
CVE-2010-3178
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.
CVE-2010-3178
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird bef ...
CVE-2010-3177
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.
CVE-2010-3177
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher pars ...
CVE-2010-3176
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2010-3181 Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 a ... | CVSS2: 6.9 | 0% Низкий | больше 15 лет назад |
 | CVE-2010-3180 Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. | CVSS2: 9.3 | 5% Низкий | больше 15 лет назад |
| CVE-2010-3180 Use-after-free vulnerability in the nsBarProp function in Mozilla Fire ... | CVSS2: 9.3 | 5% Низкий | больше 15 лет назад |
| CVE-2010-3179 Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method. | CVSS2: 9.3 | 27% Средний | больше 15 лет назад |
| CVE-2010-3179 Stack-based buffer overflow in the text-rendering functionality in Moz ... | CVSS2: 9.3 | 27% Средний | больше 15 лет назад |
| CVE-2010-3178 Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document. | CVSS2: 5.8 | 1% Низкий | больше 15 лет назад |
| CVE-2010-3178 Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird bef ... | CVSS2: 5.8 | 1% Низкий | больше 15 лет назад |
| CVE-2010-3177 Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server. | CVSS2: 4.3 | 1% Низкий | больше 15 лет назад |
| CVE-2010-3177 Multiple cross-site scripting (XSS) vulnerabilities in the Gopher pars ... | CVSS2: 4.3 | 1% Низкий | больше 15 лет назад |
| CVE-2010-3176 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | CVSS2: 9.3 | 4% Низкий | больше 15 лет назад |
Уязвимостей на страницу