Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 151
CVE-2007-5337
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
CVE-2007-5334
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the ...
CVE-2007-5337
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when runnin ...
CVE-2007-5338
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ...
CVE-2007-5338
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
CVE-2007-5334
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.
CVE-2007-5337
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
CVE-2007-5340
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
CVE-2007-5339
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
CVE-2007-5339
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbir ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2007-5337 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server. | CVSS2: 4.3 | 1% Низкий | около 18 лет назад |
| CVE-2007-5334 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the ... | CVSS2: 4.3 | 12% Средний | около 18 лет назад |
| CVE-2007-5337 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when runnin ... | CVSS2: 4.3 | 1% Низкий | около 18 лет назад |
| CVE-2007-5338 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ... | CVSS2: 9.3 | 3% Низкий | около 18 лет назад |
 | CVE-2007-5338 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. | CVSS2: 9.3 | 3% Низкий | около 18 лет назад |
| CVE-2007-5334 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute. | CVSS2: 4.3 | 12% Средний | около 18 лет назад |
| CVE-2007-5337 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server. | CVSS2: 4.3 | 1% Низкий | около 18 лет назад |
| CVE-2007-5340 Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption. | CVSS2: 4.3 | 15% Средний | около 18 лет назад |
| CVE-2007-5339 Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors. | CVSS2: 4.3 | 20% Средний | около 18 лет назад |
| CVE-2007-5339 Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbir ... | CVSS2: 4.3 | 20% Средний | около 18 лет назад |
Уязвимостей на страницу