Логотип exploitDog
product: "firefox"
Консоль
Логотип exploitDog

exploitDog

product: "firefox"
Mozilla Firefox

Mozilla Firefoxсвободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox
Вендор: mozilla

График релизов

11511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614720232024202520262027

Недавние уязвимости Mozilla Firefox

Количество 15 501

nvd логотип

CVE-2007-0801

около 19 лет назад

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2007-0800

около 19 лет назад

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2006-6971

около 19 лет назад

Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2007-0800

около 19 лет назад

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked ...

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2007-0801

около 19 лет назад

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1. ...

CVSS2: 4.3
EPSS: Низкий
debian логотип

CVE-2006-6971

около 19 лет назад

Mozilla Firefox 2.0, possibly only when running on Windows, allows rem ...

CVSS2: 5
EPSS: Низкий
debian логотип

CVE-2007-0802

около 19 лет назад

Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...

CVSS2: 6.4
EPSS: Низкий
ubuntu логотип

CVE-2007-0800

около 19 лет назад

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2007-0801

около 19 лет назад

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest.

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2007-0802

около 19 лет назад

Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter.

CVSS2: 6.4
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2007-0801

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest.

CVSS2: 4.3
1%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0800

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.

CVSS2: 4.3
4%
Низкий
около 19 лет назад
nvd логотип
CVE-2006-6971

Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.

CVSS2: 5
0%
Низкий
около 19 лет назад
debian логотип
CVE-2007-0800

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked ...

CVSS2: 4.3
4%
Низкий
около 19 лет назад
debian логотип
CVE-2007-0801

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1. ...

CVSS2: 4.3
1%
Низкий
около 19 лет назад
debian логотип
CVE-2006-6971

Mozilla Firefox 2.0, possibly only when running on Windows, allows rem ...

CVSS2: 5
0%
Низкий
около 19 лет назад
debian логотип
CVE-2007-0802

Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing ...

CVSS2: 6.4
1%
Низкий
около 19 лет назад
ubuntu логотип
CVE-2007-0800

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.

CVSS2: 4.3
4%
Низкий
около 19 лет назад
ubuntu логотип
CVE-2007-0801

The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest.

CVSS2: 4.3
1%
Низкий
около 19 лет назад
ubuntu логотип
CVE-2007-0802

Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter.

CVSS2: 6.4
1%
Низкий
около 19 лет назад

Уязвимостей на страницу


Поделиться