Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 888
CVE-2007-5338
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ...
CVE-2007-5334
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.
CVE-2007-5338
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
CVE-2007-5337
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
CVE-2007-5340
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
CVE-2007-5339
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
CVE-2007-5340
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox b ...
CVE-2007-5339
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbir ...
CVE-2007-5339
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
CVE-2007-5340
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2007-5338 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ... | CVSS2: 9.3 | 3% Низкий | почти 18 лет назад |
 | CVE-2007-5334 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute. | CVSS2: 4.3 | 12% Средний | почти 18 лет назад |
| CVE-2007-5338 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. | CVSS2: 9.3 | 3% Низкий | почти 18 лет назад |
| CVE-2007-5337 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server. | CVSS2: 4.3 | 1% Низкий | почти 18 лет назад |
 | CVE-2007-5340 Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption. | CVSS2: 4.3 | 15% Средний | почти 18 лет назад |
| CVE-2007-5339 Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors. | CVSS2: 4.3 | 20% Средний | почти 18 лет назад |
| CVE-2007-5340 Multiple vulnerabilities in the Javascript engine in Mozilla Firefox b ... | CVSS2: 4.3 | 15% Средний | почти 18 лет назад |
| CVE-2007-5339 Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbir ... | CVSS2: 4.3 | 20% Средний | почти 18 лет назад |
| CVE-2007-5339 Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors. | CVSS2: 4.3 | 20% Средний | почти 18 лет назад |
| CVE-2007-5340 Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption. | CVSS2: 4.3 | 15% Средний | почти 18 лет назад |
Уязвимостей на страницу