Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 600
CVE-2005-1532
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
CVE-2005-1575
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.
CVE-2005-1575
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...
CVE-2005-1576
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.
CVE-2005-1532
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
CVE-2005-1531
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."
CVE-2005-1576
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...
CVE-2005-1532
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly li ...
CVE-2005-1531
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly ...
CVE-2005-1531
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2005-1532 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160. | 17% Средний | около 20 лет назад | |
 | CVE-2005-1575 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160. | CVSS2: 5 | 0% Низкий | около 20 лет назад |
| CVE-2005-1575 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ... | CVSS2: 5 | 0% Низкий | около 20 лет назад |
| CVE-2005-1576 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files. | CVSS2: 2.6 | 0% Низкий | около 20 лет назад |
| CVE-2005-1532 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160. | CVSS2: 7.5 | 17% Средний | около 20 лет назад |
| CVE-2005-1531 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant." | CVSS2: 7.5 | 2% Низкий | около 20 лет назад |
| CVE-2005-1576 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ... | CVSS2: 2.6 | 0% Низкий | около 20 лет назад |
| CVE-2005-1532 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly li ... | CVSS2: 7.5 | 17% Средний | около 20 лет назад |
| CVE-2005-1531 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly ... | CVSS2: 7.5 | 2% Низкий | около 20 лет назад |
 | CVE-2005-1531 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant." | CVSS2: 7.5 | 2% Низкий | около 20 лет назад |
Уязвимостей на страницу