Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MozillaFirefox1.5.0.3

260 matches found

CVE
CVEadded 2011/11/09 11:55 a.m.48 views

CVE-2011-3652

The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

10CVSS9.8AI score0.05919EPSS
CVE
CVEadded 2012/11/21 12:55 p.m.47 views

CVE-2012-4203

The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.

6.8CVSS8.4AI score0.02473EPSS
CVE
CVEadded 2006/07/21 2:3 p.m.45 views

CVE-2006-3731

Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension.

2.6CVSS6.5AI score0.0063EPSS
CVE
CVEadded 2011/12/21 4:2 a.m.45 views

CVE-2011-3664

Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other...

6.8CVSS7.2AI score0.01153EPSS
CVE
CVEadded 2006/07/06 1:5 a.m.43 views

CVE-2006-3352

Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which th...

6.4CVSS6AI score0.00706EPSS
CVE
CVEadded 2009/09/18 10:30 p.m.42 views

CVE-2008-7244

Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.

5CVSS6.5AI score0.02598EPSS
CVE
CVEadded 2006/05/22 11:10 p.m.41 views

CVE-2006-2538

IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-...

2.6CVSS6.8AI score0.00739EPSS
CVE
CVEadded 2012/10/12 10:44 a.m.41 views

CVE-2012-4190

The FT2FontEntry::CreateFontEntry function in FreeType, as used in the Android build of Mozilla Firefox before 16.0.1 on CyanogenMod 10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

10CVSS9.6AI score0.08531EPSS
CVE
CVEadded 2012/10/10 5:55 p.m.40 views

CVE-2012-3987

Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.

4CVSS6.3AI score0.0023EPSS
CVE
CVEadded 2012/11/21 12:55 p.m.40 views

CVE-2012-5837

The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.

6.8CVSS7.5AI score0.01642EPSS
Total number of security vulnerabilities260