Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2005-1531
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."
CVE-2005-1532
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
CVE-2005-1575
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.
CVE-2005-1575
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...
CVE-2005-1576
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.
CVE-2005-1531
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."
CVE-2005-1532
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
CVE-2005-1532
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly li ...
CVE-2005-1576
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ...
CVE-2005-1531
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2005-1531 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant." | 2% Низкий | больше 20 лет назад | |
| CVE-2005-1532 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160. | 17% Средний | больше 20 лет назад | |
 | CVE-2005-1575 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160. | CVSS2: 5 | 0% Низкий | больше 20 лет назад |
| CVE-2005-1575 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ... | CVSS2: 5 | 0% Низкий | больше 20 лет назад |
| CVE-2005-1576 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files. | CVSS2: 2.6 | 0% Низкий | больше 20 лет назад |
| CVE-2005-1531 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant." | CVSS2: 7.5 | 2% Низкий | больше 20 лет назад |
| CVE-2005-1532 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160. | CVSS2: 7.5 | 17% Средний | больше 20 лет назад |
| CVE-2005-1532 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly li ... | CVSS2: 7.5 | 17% Средний | больше 20 лет назад |
| CVE-2005-1576 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows ... | CVSS2: 2.6 | 0% Низкий | больше 20 лет назад |
| CVE-2005-1531 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly ... | CVSS2: 7.5 | 2% Низкий | больше 20 лет назад |
Уязвимостей на страницу