Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 857
CVE-2007-0008
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.
CVE-2007-0009
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.
CVE-2007-0009
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Se ...
CVE-2007-0008
Integer underflow in the SSLv2 support in Mozilla Network Security Ser ...
CVE-2007-0780
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0 ...
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and ...
CVE-2007-0778
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x befo ...
CVE-2007-0009
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.
CVE-2007-0008
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2007-0008 Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow. | CVSS2: 6.8 | 17% Средний | больше 18 лет назад |
| CVE-2007-0009 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values. | CVSS2: 6.8 | 49% Средний | больше 18 лет назад |
| CVE-2007-0009 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Se ... | CVSS2: 6.8 | 49% Средний | больше 18 лет назад |
| CVE-2007-0008 Integer underflow in the SSLv2 support in Mozilla Network Security Ser ... | CVSS2: 6.8 | 17% Средний | больше 18 лет назад |
| CVE-2007-0780 browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0 ... | CVSS2: 6.8 | 2% Низкий | больше 18 лет назад |
| CVE-2007-0779 GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and ... | CVSS2: 6.4 | 3% Низкий | больше 18 лет назад |
| CVE-2007-0778 The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x befo ... | CVSS2: 5.4 | 1% Низкий | больше 18 лет назад |
 | CVE-2007-0009 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values. | CVSS2: 6.8 | 49% Средний | больше 18 лет назад |
| CVE-2007-0008 Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow. | CVSS2: 6.8 | 17% Средний | больше 18 лет назад |
| CVE-2007-0779 GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor. | CVSS2: 6.4 | 3% Низкий | больше 18 лет назад |
Уязвимостей на страницу