Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 425
CVE-2006-3806
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
CVE-2006-3807
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
CVE-2006-3803
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object.
CVE-2006-3677
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
CVE-2006-3807
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3803
Race condition in the JavaScript garbage collection in Mozilla Firefox ...
CVE-2006-3677
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ...
CVE-2006-3806
Multiple integer overflows in the Javascript engine in Mozilla Firefox ...
CVE-2006-3677
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution.
CVE-2006-3806
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." | CVSS2: 7.5 | 30% Средний | больше 19 лет назад |
| CVE-2006-3807 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor. | CVSS2: 7.5 | 27% Средний | больше 19 лет назад |
| CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. | CVSS2: 5.1 | 23% Средний | больше 19 лет назад |
| CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution. | CVSS2: 7.5 | 81% Высокий | больше 19 лет назад |
| CVE-2006-3807 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... | CVSS2: 7.5 | 27% Средний | больше 19 лет назад |
| CVE-2006-3803 Race condition in the JavaScript garbage collection in Mozilla Firefox ... | CVSS2: 5.1 | 23% Средний | больше 19 лет назад |
| CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ... | CVSS2: 7.5 | 81% Высокий | больше 19 лет назад |
| CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox ... | CVSS2: 7.5 | 30% Средний | больше 19 лет назад |
 | CVE-2006-3677 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution. | CVSS2: 7.5 | 81% Высокий | больше 19 лет назад |
| CVE-2006-3806 Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." | CVSS2: 7.5 | 30% Средний | больше 19 лет назад |
Уязвимостей на страницу