Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2009-0777
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonk ...
CVE-2009-0776
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
CVE-2009-0776
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0. ...
CVE-2009-0775
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.
CVE-2009-0775
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird ...
CVE-2009-0774
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.
CVE-2009-0774
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird ...
CVE-2009-0773
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.
CVE-2009-0773
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird bef ...
CVE-2009-0772
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
CVE-2009-0777 Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonk ... | CVSS2: 5.8 | 2% Низкий | почти 17 лет назад | |
CVE-2009-0776 nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. | CVSS2: 7.1 | 1% Низкий | почти 17 лет назад | |
CVE-2009-0776 nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0. ... | CVSS2: 7.1 | 1% Низкий | почти 17 лет назад | |
CVE-2009-0775 Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. | CVSS2: 10 | 7% Низкий | почти 17 лет назад | |
CVE-2009-0775 Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird ... | CVSS2: 10 | 7% Низкий | почти 17 лет назад | |
CVE-2009-0774 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. | CVSS2: 9.3 | 7% Низкий | почти 17 лет назад | |
CVE-2009-0774 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird ... | CVSS2: 9.3 | 7% Низкий | почти 17 лет назад | |
CVE-2009-0773 The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang. | CVSS2: 10 | 9% Низкий | почти 17 лет назад | |
CVE-2009-0773 The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird bef ... | CVSS2: 10 | 9% Низкий | почти 17 лет назад | |
CVE-2009-0772 The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. | CVSS2: 9.3 | 7% Низкий | почти 17 лет назад |
Уязвимостей на страницу