Mozilla Firefox — свободный браузер на движке Gecko

Mozilla Firefox before 1.0 truncates long filenames in the file downlo ...

Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitr ...

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox befor ...

Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attacker ...

Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some r ...

Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.

Mozilla Firefox 0.9.2 allows web sites to set cookies for country-spec ...

Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a denial of service (application crash or memory consumption) via a large binary file with a .html extension.