Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 15 501
CVE-2005-0255
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbi ...
CVE-2005-0232
Firefox 1.0 allows remote attackers to modify Boolean configuration pa ...
CVE-2005-0588
Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:in ...
CVE-2005-1155
The favicon functionality in Firefox before 1.0.3 and Mozilla Suite be ...
CVE-2005-0402
Firefox before 1.0.2 allows remote attackers to execute arbitrary code ...
CVE-2005-1154
Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote atta ...
CVE-2005-0588
Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system.
CVE-2005-0232
Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing."
CVE-2005-0591
Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing."
CVE-2005-0589
The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2005-0255 String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbi ... | CVSS2: 5 | 8% Низкий | почти 21 год назад |
| CVE-2005-0232 Firefox 1.0 allows remote attackers to modify Boolean configuration pa ... | CVSS2: 2.6 | 1% Низкий | почти 21 год назад |
| CVE-2005-0588 Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:in ... | CVSS2: 5 | 1% Низкий | почти 21 год назад |
| CVE-2005-1155 The favicon functionality in Firefox before 1.0.3 and Mozilla Suite be ... | CVSS2: 7.5 | 36% Средний | почти 21 год назад |
| CVE-2005-0402 Firefox before 1.0.2 allows remote attackers to execute arbitrary code ... | CVSS2: 2.6 | 1% Низкий | почти 21 год назад |
| CVE-2005-1154 Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote atta ... | CVSS2: 7.5 | 7% Низкий | почти 21 год назад |
 | CVE-2005-0588 Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system. | CVSS2: 5 | 1% Низкий | почти 21 год назад |
| CVE-2005-0232 Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing." | CVSS2: 2.6 | 1% Низкий | почти 21 год назад |
| CVE-2005-0591 Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing." | CVSS2: 2.6 | 2% Низкий | почти 21 год назад |
| CVE-2005-0589 The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability. | CVSS2: 5 | 1% Низкий | почти 21 год назад |
Уязвимостей на страницу