Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 425
CVE-2007-5335
Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain s ...
CVE-2007-5335
Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by using the addMicrosummaryGenerator sidebar method to access file: URIs.
CVE-2007-5338
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
CVE-2007-5334
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.
CVE-2007-5337
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
CVE-2007-5338
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ...
CVE-2007-5337
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when runnin ...
CVE-2007-5334
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the ...
CVE-2007-5337
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server.
CVE-2007-5338
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2007-5335 Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain s ... | CVSS2: 4.3 | 1% Низкий | больше 18 лет назад |
 | CVE-2007-5335 Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by using the addMicrosummaryGenerator sidebar method to access file: URIs. | CVSS2: 4.3 | 1% Низкий | больше 18 лет назад |
 | CVE-2007-5338 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. | CVSS2: 9.3 | 5% Низкий | больше 18 лет назад |
| CVE-2007-5334 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute. | CVSS2: 4.3 | 15% Средний | больше 18 лет назад |
| CVE-2007-5337 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server. | CVSS2: 4.3 | 2% Низкий | больше 18 лет назад |
| CVE-2007-5338 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote ... | CVSS2: 9.3 | 5% Низкий | больше 18 лет назад |
| CVE-2007-5337 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when runnin ... | CVSS2: 4.3 | 2% Низкий | больше 18 лет назад |
| CVE-2007-5334 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the ... | CVSS2: 4.3 | 15% Средний | больше 18 лет назад |
| CVE-2007-5337 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs with (1) smb: or (2) sftp: schemes that access other files from the server. | CVSS2: 4.3 | 2% Низкий | больше 18 лет назад |
| CVE-2007-5338 Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. | CVSS2: 9.3 | 5% Низкий | больше 18 лет назад |
Уязвимостей на страницу