Firefox Esr@* Security Vulnerabilities and Issues — Firefox Esr@* CVE List

Lucene search

MozillaFirefox Esr*

4 matches found

CVE•added 2015/04/01 10:59 a.m.•118 views

CVE-2015-0801

Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.

7.5CVSS9.6AI score0.01278EPSS

CVE•added 2015/04/01 10:59 a.m.•97 views

CVE-2015-0816

Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demon...

5CVSS9.5AI score0.8537EPSS

CVE•added 2015/04/01 10:59 a.m.•90 views

CVE-2015-0813

Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap mem...

5.1CVSS9.4AI score0.02842EPSS

CVE•added 2015/04/01 10:59 a.m.•89 views

CVE-2015-0815

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

7.5CVSS10AI score0.01254EPSS