Mozilla Firefox — свободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox

Вендор: mozilla

График релизов

Недавние уязвимости Mozilla Firefox

Количество 15 501

CVE-2010-0162

почти 16 лет назад

Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMon ...

CVSS2: 4.3

EPSS: Низкий

CVE-2010-0160

почти 16 лет назад

The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

CVSS2: 10

EPSS: Низкий

CVE-2010-0160

почти 16 лет назад

The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 an ...

CVSS2: 10

EPSS: Низкий

CVE-2010-0159

почти 16 лет назад

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.

CVSS2: 10

EPSS: Низкий

CVE-2010-0159

почти 16 лет назад

The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x be ...

CVSS2: 10

EPSS: Низкий

CVE-2009-3988

почти 16 лет назад

Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values.

CVSS2: 5

EPSS: Низкий

CVE-2009-3988

почти 16 лет назад

Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMon ...

CVSS2: 5

EPSS: Низкий

CVE-2009-1571

почти 16 лет назад

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.

CVSS2: 10

EPSS: Низкий

CVE-2009-1571

почти 16 лет назад

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0 ...

CVSS2: 10

EPSS: Низкий

CVE-2009-1571

почти 16 лет назад

CVSS2: 10

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2010-0162 Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMon ...	CVSS2: 4.3	1% Низкий	почти 16 лет назад
CVE-2010-0160 The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.	CVSS2: 10	5% Низкий	почти 16 лет назад
CVE-2010-0160 The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 an ...	CVSS2: 10	5% Низкий	почти 16 лет назад
CVE-2010-0159 The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.	CVSS2: 10	2% Низкий	почти 16 лет назад
CVE-2010-0159 The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x be ...	CVSS2: 10	2% Низкий	почти 16 лет назад
CVE-2009-3988 Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values.	CVSS2: 5	0% Низкий	почти 16 лет назад
CVE-2009-3988 Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMon ...	CVSS2: 5	0% Низкий	почти 16 лет назад
CVE-2009-1571 Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.	CVSS2: 10	5% Низкий	почти 16 лет назад
CVE-2009-1571 Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0 ...	CVSS2: 10	5% Низкий	почти 16 лет назад
CVE-2009-1571 Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.	CVSS2: 10	5% Низкий	почти 16 лет назад

Уязвимостей на страницу