Firefox Security Vulnerabilities and Issues — Firefox CVE List

Lucene search

MozillaFirefox

16 matches found

CVE•added 2009/07/22 6:30 p.m.•211 views

CVE-2009-2469

Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an defineSetter function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted documen...

10CVSS9AI score0.05975EPSS

CVE•added 2009/07/30 7:30 p.m.•187 views

CVE-2009-2408

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers t...

6.8CVSS6.1AI score0.01236EPSS

CVE•added 2009/07/01 1:0 p.m.•106 views

CVE-2009-0689

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5...

6.8CVSS7.5AI score0.41051EPSS

CVE•added 2009/07/22 6:30 p.m.•94 views

CVE-2009-2463

Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application ...

10CVSS7.8AI score0.04167EPSS

CVE•added 2009/07/15 3:30 p.m.•77 views

CVE-2009-2477

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a do...

9.3CVSS9.5AI score0.83034EPSS

CVE•added 2009/07/22 6:30 p.m.•74 views

CVE-2009-2464

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multip...

10CVSS9AI score0.1994EPSS

CVE•added 2009/07/22 6:30 p.m.•74 views

CVE-2009-2466

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNat...

10CVSS8.6AI score0.04978EPSS

CVE•added 2009/07/22 6:30 p.m.•74 views

CVE-2009-2467

Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash plugin, which triggers attempted use of a deleted...

10CVSS8.9AI score0.05189EPSS

CVE•added 2009/07/22 6:30 p.m.•74 views

CVE-2009-2472

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

4.3CVSS7.5AI score0.007EPSS

CVE•added 2009/07/22 6:30 p.m.•71 views

CVE-2009-2462

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion an...

10CVSS8.6AI score0.05328EPSS

CVE•added 2009/07/22 6:30 p.m.•69 views

CVE-2009-2471

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.

10CVSS9.2AI score0.02242EPSS

CVE•added 2009/07/22 6:30 p.m.•67 views

CVE-2009-2465

Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cpp, (2) nsXMLContentSink.cpp, and (3) nsPresShell....

10CVSS8.8AI score0.06139EPSS

CVE•added 2009/07/16 3:30 p.m.•59 views

CVE-2009-2479

Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, ...

7.8CVSS8.9AI score0.14161EPSS

CVE•added 2009/07/20 6:30 p.m.•58 views

CVE-2009-2535

Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.

5CVSS8.9AI score0.10788EPSS

CVE•added 2009/07/22 6:30 p.m.•53 views

CVE-2009-2468

Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long text run that triggers a heap-based buffer o...

10CVSS8.1AI score0.23738EPSS

CVE•added 2009/07/16 3:30 p.m.•48 views

CVE-2009-2478

Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."

5CVSS8.9AI score0.04071EPSS