Логотип exploitDog
product: "firefox"
Консоль
Логотип exploitDog

exploitDog

product: "firefox"
Mozilla Firefox

Mozilla Firefoxсвободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox
Вендор: mozilla

График релизов

11511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614720232024202520262027

Недавние уязвимости Mozilla Firefox

Количество 15 501

debian логотип

CVE-2006-6499

около 19 лет назад

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x befo ...

CVSS2: 4.3
EPSS: Средний
debian логотип

CVE-2006-6501

около 19 лет назад

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...

CVSS2: 6.8
EPSS: Средний
debian логотип

CVE-2006-6500

около 19 лет назад

Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5. ...

CVSS2: 6.8
EPSS: Средний
ubuntu логотип

CVE-2006-6504

около 19 лет назад

Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.

CVSS2: 9.3
EPSS: Средний
ubuntu логотип

CVE-2006-6507

около 19 лет назад

Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error.

CVSS2: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2006-6500

около 19 лет назад

Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap.

CVSS2: 6.8
EPSS: Средний
ubuntu логотип

CVE-2006-6499

около 19 лет назад

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.

CVSS2: 4.3
EPSS: Средний
ubuntu логотип

CVE-2006-6502

около 19 лет назад

Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown vectors.

CVSS2: 7.1
EPSS: Средний
ubuntu логотип

CVE-2006-6498

около 19 лет назад

Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.

CVSS2: 6.8
EPSS: Средний
ubuntu логотип

CVE-2006-6501

около 19 лет назад

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.

CVSS2: 6.8
EPSS: Средний

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
debian логотип
CVE-2006-6499

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x befo ...

CVSS2: 4.3
14%
Средний
около 19 лет назад
debian логотип
CVE-2006-6501

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...

CVSS2: 6.8
26%
Средний
около 19 лет назад
debian логотип
CVE-2006-6500

Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5. ...

CVSS2: 6.8
38%
Средний
около 19 лет назад
ubuntu логотип
CVE-2006-6504

Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.

CVSS2: 9.3
42%
Средний
около 19 лет назад
ubuntu логотип
CVE-2006-6507

Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error.

CVSS2: 4.3
6%
Низкий
около 19 лет назад
ubuntu логотип
CVE-2006-6500

Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap.

CVSS2: 6.8
38%
Средний
около 19 лет назад
ubuntu логотип
CVE-2006-6499

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.

CVSS2: 4.3
14%
Средний
около 19 лет назад
ubuntu логотип
CVE-2006-6502

Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown vectors.

CVSS2: 7.1
21%
Средний
около 19 лет назад
ubuntu логотип
CVE-2006-6498

Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.

CVSS2: 6.8
11%
Средний
около 19 лет назад
ubuntu логотип
CVE-2006-6501

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.

CVSS2: 6.8
26%
Средний
около 19 лет назад

Уязвимостей на страницу


Поделиться