CVSS: 10.0EPSS: 28%CPEs: 163EXPL: 0CVE-2011-0072 – Mozilla use after free flaw (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0072
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird • CWE-416: Use After Free •
CVSS: 10.0EPSS: 28%CPEs: 163EXPL: 0CVE-2011-0077 – Mozilla integer overflow in frameset spec (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0077
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 28%CPEs: 163EXPL: 0CVE-2011-0078 – Mozilla OOM condition arbitrary memory write (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0078
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird •
CVSS: 7.5EPSS: 1%CPEs: 251EXPL: 1CVE-2011-0071 – Mozilla directory traversal via resource protocol (MFSA 2011-16)
https://notcve.org/view.php?id=CVE-2011-0071
07 May 2011 — Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL. Vulnerabilidad de salto de directorio en Mozilla Firefox anterior a v3.5.19 y v3.6.x anterior a v3.6.17, Thunderbird anterior a v3.1.10, y SeaMonkey anterior a v2.0.14 en Windows permite a atacantes remotos determin... • http://downloads.avaya.com/css/P8/documents/100144158 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 2CVE-2011-1187
https://notcve.org/view.php?id=CVE-2011-1187
11 Mar 2011 — Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." Google Chrome en versiones anteriores a la 10.0.648.127 permite a atacantes remotos evitar la política de mismo origen ("Same Origin Policy") a través de vectores sin especificar. Relacionado con un "error message leak". • http://code.google.com/p/chromium/issues/detail?id=69187 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 21%CPEs: 20EXPL: 0CVE-2011-0062 – Mozilla miscellaneous memory safety hazards (MFSA 2011-01)
https://notcve.org/view.php?id=CVE-2011-0062
02 Mar 2011 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades sin especificar en el motor del navegador de Mozilla Firefox 3.6.x anteriores a la versión 3.6.14 y Thunderbird 3.1.x anteriores a 3.1.8. Permiten a atacantes remotos provocar una denegación de servicio... • http://downloads.avaya.com/css/P8/documents/100133195 •
CVSS: 10.0EPSS: 42%CPEs: 238EXPL: 0CVE-2011-0053 – Mozilla miscellaneous memory safety hazards (MFSA 2011-01)
https://notcve.org/view.php?id=CVE-2011-0053
02 Mar 2011 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox antes de v3.5.17 y v3.6.x antes de v3.6.14, Thunderbird antes de v3.1.8 y SeaMonkey antes de v2.0.12 p... • http://downloads.avaya.com/css/P8/documents/100133195 •
CVSS: 9.3EPSS: 8%CPEs: 149EXPL: 0CVE-2011-0061 – Mozilla crash caused by corrupted JPEG image (MFSA 2011-09)
https://notcve.org/view.php?id=CVE-2011-0061
02 Mar 2011 — Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. Desbordamiento de buffer en Mozilla Firefox 3.6.x anteriores a la versión 3.6.14, Thunderbird en versiones anteriores a la 3.1.8 y SeaMonkey anteriores a 2.0.12. Pueden permitir a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de... • http://downloads.avaya.com/css/P8/documents/100133195 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 18%CPEs: 233EXPL: 0CVE-2010-3768 – Mozilla add support for OTS font sanitizer (MFSA 2010-78)
https://notcve.org/view.php?id=CVE-2010-3768
10 Dec 2010 — Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules. Mozilla Firefox en versiones anteriores a la 3.5.16 y 3.6.x en versiones anteriores a la 3.6.13, Thunderbird en versiones anteriores a la 3.0.11 y 3... • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 34%CPEs: 19EXPL: 0CVE-2010-3777 – Mozilla miscellaneous memory safety hazards (MFSA 2010-74)
https://notcve.org/view.php?id=CVE-2010-3777
10 Dec 2010 — Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en Mozilla Firefox 3.6.x en versiones anteriores a la 3.6.13 y Thunderbird 3.1.x en versiones anteriores a la 3.1.7, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) ... • http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •