Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2006-3805
The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird b ...
CVE-2006-3802
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3809
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3811
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbir ...
CVE-2006-3810
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before ...
CVE-2006-3801
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not ...
CVE-2006-3808
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remot ...
CVE-2006-3113
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and Se ...
CVE-2006-3811
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.
CVE-2006-3802
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2006-3805 The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird b ... | CVSS2: 7.5 | 23% Средний | больше 19 лет назад |
| CVE-2006-3802 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... | CVSS2: 5.8 | 4% Низкий | больше 19 лет назад |
| CVE-2006-3809 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... | CVSS2: 7.5 | 3% Низкий | больше 19 лет назад |
| CVE-2006-3811 Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbir ... | CVSS2: 7.5 | 19% Средний | больше 19 лет назад |
| CVE-2006-3810 Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before ... | CVSS2: 6.8 | 14% Средний | больше 19 лет назад |
| CVE-2006-3801 Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not ... | CVSS2: 7.5 | 28% Средний | больше 19 лет назад |
| CVE-2006-3808 Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remot ... | CVSS2: 7.5 | 2% Низкий | больше 19 лет назад |
| CVE-2006-3113 Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and Se ... | CVSS2: 7.5 | 27% Средний | больше 19 лет назад |
 | CVE-2006-3811 Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context. | CVSS2: 7.5 | 19% Средний | больше 19 лет назад |
| CVE-2006-3802 Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object. | CVSS2: 5.8 | 4% Низкий | больше 19 лет назад |
Уязвимостей на страницу