Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 599
CVE-2004-2225
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.
CVE-2004-1753
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
CVE-2004-2227
Mozilla Firefox before 1.0 truncates long filenames in the file downlo ...
CVE-2004-2228
Mozilla Firefox before 1.0 is installed with world-writable permission ...
CVE-2004-0904
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox befor ...
CVE-2004-1200
Firefox and Mozilla allow remote attackers to cause a denial of servic ...
CVE-2004-1156
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attacker ...
CVE-2004-2225
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitr ...
CVE-2004-2657
Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some r ...
CVE-2004-1156
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2004-2225 Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | CVSS2: 5 | 1% Низкий | больше 20 лет назад |
| CVE-2004-1753 The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | CVSS2: 2.6 | 1% Низкий | больше 20 лет назад |
| CVE-2004-2227 Mozilla Firefox before 1.0 truncates long filenames in the file downlo ... | CVSS2: 5 | 1% Низкий | больше 20 лет назад |
| CVE-2004-2228 Mozilla Firefox before 1.0 is installed with world-writable permission ... | CVSS2: 7.2 | 0% Низкий | больше 20 лет назад |
| CVE-2004-0904 Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox befor ... | CVSS2: 10 | 21% Средний | больше 20 лет назад |
| CVE-2004-1200 Firefox and Mozilla allow remote attackers to cause a denial of servic ... | CVSS2: 5 | 1% Низкий | больше 20 лет назад |
| CVE-2004-1156 Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attacker ... | CVSS2: 4.3 | 1% Низкий | больше 20 лет назад |
| CVE-2004-2225 Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitr ... | CVSS2: 5 | 1% Низкий | больше 20 лет назад |
| CVE-2004-2657 Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some r ... | CVSS2: 1.7 | 0% Низкий | больше 20 лет назад |
 | CVE-2004-1156 Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | CVSS2: 4.3 | 1% Низкий | больше 20 лет назад |
Уязвимостей на страницу