Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 793
CVE-2006-3803
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
CVE-2006-3806
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
CVE-2006-3803
Race condition in the JavaScript garbage collection in Mozilla Firefox ...
CVE-2006-3806
Multiple integer overflows in the Javascript engine in Mozilla Firefox ...
CVE-2006-3807
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3677
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ...
CVE-2006-3806
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
CVE-2006-3803
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
CVE-2006-3677
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
CVE-2006-3807
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. | CVSS2: 5.1 | 23% Средний | около 19 лет назад |
| CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." | CVSS2: 7.5 | 30% Средний | около 19 лет назад |
| CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox ... | CVSS2: 5.1 | 23% Средний | около 19 лет назад |
| CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox ... | CVSS2: 7.5 | 30% Средний | около 19 лет назад |
| CVE-2006-3807 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... | CVSS2: 7.5 | 27% Средний | около 19 лет назад |
| CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ... | CVSS2: 7.5 | 81% Высокий | около 19 лет назад |
 | CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." | CVSS2: 7.5 | 30% Средний | около 19 лет назад |
| CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. | CVSS2: 5.1 | 23% Средний | около 19 лет назад |
| CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution. | CVSS2: 7.5 | 81% Высокий | около 19 лет назад |
| CVE-2006-3807 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor. | CVSS2: 7.5 | 27% Средний | около 19 лет назад |
Уязвимостей на страницу