Mozilla Firefox — свободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox

Вендор: mozilla

График релизов

Недавние уязвимости Mozilla Firefox

Количество 15 501

CVE-2008-5503

около 17 лет назад

The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.1 ...

CVSS2: 2.6

EPSS: Низкий

CVE-2008-5502

около 17 лет назад

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions.

CVSS2: 5

EPSS: Низкий

CVE-2008-5502

около 17 лет назад

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...

CVSS2: 5

EPSS: Низкий

CVE-2008-5501

около 17 лет назад

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.

CVSS2: 5

EPSS: Низкий

CVE-2008-5501

около 17 лет назад

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...

CVSS2: 5

EPSS: Низкий

CVE-2008-5500

около 17 лет назад

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.

CVSS2: 10

EPSS: Низкий

CVE-2008-5500

около 17 лет назад

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2 ...

CVSS2: 10

EPSS: Низкий

CVE-2008-5502

около 17 лет назад

CVSS2: 5

EPSS: Низкий

CVE-2008-5510

около 17 лет назад

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.

CVSS2: 5

EPSS: Низкий

CVE-2008-5506

около 17 лет назад

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure."

CVSS2: 6.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2008-5503 The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.1 ...	CVSS2: 2.6	1% Низкий	около 17 лет назад
CVE-2008-5502 The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions.	CVSS2: 5	4% Низкий	около 17 лет назад
CVE-2008-5502 The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...	CVSS2: 5	4% Низкий	около 17 лет назад
CVE-2008-5501 The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.	CVSS2: 5	5% Низкий	около 17 лет назад
CVE-2008-5501 The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...	CVSS2: 5	5% Низкий	около 17 лет назад
CVE-2008-5500 The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.	CVSS2: 10	4% Низкий	около 17 лет назад
CVE-2008-5500 The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2 ...	CVSS2: 10	4% Низкий	около 17 лет назад
CVE-2008-5502 The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions.	CVSS2: 5	4% Низкий	около 17 лет назад
CVE-2008-5510 The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.	CVSS2: 5	1% Низкий	около 17 лет назад
CVE-2008-5506 Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure."	CVSS2: 6.8	1% Низкий	около 17 лет назад

Уязвимостей на страницу