Mozilla Firefox — свободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox

Вендор: mozilla

График релизов

Недавние уязвимости Mozilla Firefox

Количество 15 151

CVE-2006-3807

больше 19 лет назад

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...

CVSS2: 7.5

EPSS: Средний

CVE-2006-3806

больше 19 лет назад

Multiple integer overflows in the Javascript engine in Mozilla Firefox ...

CVSS2: 7.5

EPSS: Средний

CVE-2006-3803

больше 19 лет назад

Race condition in the JavaScript garbage collection in Mozilla Firefox ...

CVSS2: 5.1

EPSS: Средний

CVE-2006-3677

больше 19 лет назад

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ...

CVSS2: 7.5

EPSS: Высокий

CVE-2006-3807

больше 19 лет назад

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.

CVSS2: 7.5

EPSS: Средний

CVE-2006-3803

больше 19 лет назад

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.

CVSS2: 5.1

EPSS: Средний

CVE-2006-3677

больше 19 лет назад

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.

CVSS2: 7.5

EPSS: Высокий

CVE-2006-3806

больше 19 лет назад

Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."

CVSS2: 7.5

EPSS: Средний

CVE-2006-3805

больше 19 лет назад

The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used.

EPSS: Средний

CVE-2006-3803

больше 19 лет назад

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2006-3807 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...	CVSS2: 7.5	27% Средний	больше 19 лет назад
CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox ...	CVSS2: 7.5	30% Средний	больше 19 лет назад
CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox ...	CVSS2: 5.1	23% Средний	больше 19 лет назад
CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ...	CVSS2: 7.5	81% Высокий	больше 19 лет назад
CVE-2006-3807 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.	CVSS2: 7.5	27% Средний	больше 19 лет назад
CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.	CVSS2: 5.1	23% Средний	больше 19 лет назад
CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.	CVSS2: 7.5	81% Высокий	больше 19 лет назад
CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."	CVSS2: 7.5	30% Средний	больше 19 лет назад
CVE-2006-3805 The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used.		23% Средний	больше 19 лет назад
CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.		23% Средний	больше 19 лет назад

Уязвимостей на страницу