CVSS: 10.0EPSS: 97%CPEs: 164EXPL: 5CVE-2011-0065 – Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0065
07 May 2011 — Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. Vulnerabilidad de uso después de la liberación (Use-after-free) en Mozilla Firefox anterior a v3.5.19 y v3.6.x anterior a v3.6.17, y SeaMonkey anterior a v2.0.14, permite a atacantes remotos ejecutar código arbitrario mediante OBJECT's mChannel. This vulnerability allows remote attackers to execute arbi... • https://packetstorm.news/files/id/129259 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 10.0EPSS: 11%CPEs: 164EXPL: 0CVE-2011-0066 – Mozilla Firefox OBJECT mObserverList Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0066
07 May 2011 — Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList. Vulnerabilidad de uso después de la liberación (Use-after-free) en Mozilla Firefox anterior a v3.5.19 y v3.6.x anterior a v3.6.17, y SeaMonkey anterior a v2.0.14, permite a atacantes remotos ejecutar código arbitrario mediante OBJECT's mObserverList. This vulnerability allows remote attackers to ex... • http://downloads.avaya.com/css/P8/documents/100144158 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 164EXPL: 1CVE-2011-0067 – Mozilla untrusted events can trigger autocomplete popup (MFSA 2011-14)
https://notcve.org/view.php?id=CVE-2011-0067
07 May 2011 — Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls. Mozilla Firefox v3.5.19 y v3.6.x anterior a v3.6.17, y SeaMonkey anterior a v2.0.14, no implementa adecuadamente el autocompletado de formularios, permitiendo a atacantes remotos leer las entradas del historial de formularios a través de un ... • http://downloads.avaya.com/css/P8/documents/100144158 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 20%CPEs: 176EXPL: 1CVE-2011-0069 – Mozilla javascript crash (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0069
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.19, v3.6.x anterior a v3.6.17,... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird •
CVSS: 10.0EPSS: 28%CPEs: 163EXPL: 0CVE-2011-0074 – Mozilla crash from several marquee elements (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0074
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird •
CVSS: 10.0EPSS: 20%CPEs: 176EXPL: 1CVE-2011-0070 – Mozilla double free flaw (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0070
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.19, v3.6.x anterior a v3.6.17,... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird •
CVSS: 10.0EPSS: 28%CPEs: 163EXPL: 0CVE-2011-0072 – Mozilla use after free flaw (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0072
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird • CWE-416: Use After Free •
CVSS: 10.0EPSS: 28%CPEs: 163EXPL: 0CVE-2011-0077 – Mozilla integer overflow in frameset spec (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0077
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 28%CPEs: 163EXPL: 0CVE-2011-0078 – Mozilla OOM condition arbitrary memory write (MFSA 2011-12)
https://notcve.org/view.php?id=CVE-2011-0078
07 May 2011 — Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox v3.5.x anterior a v3.5.... • http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird •
CVSS: 10.0EPSS: 96%CPEs: 164EXPL: 2CVE-2011-0073 – Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0073
07 May 2011 — Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." Mozilla Firefox anterior a v3.5.19 y v3.6.x anterior a v3.6.17, y SeaMonkey anterior a v2.0.14, no utiliza correctamente las estructuras de datos nsTreeRange, permitiendo a atacantes remotos ejecutar código arbitrario a través de vectores no especificados produc... • https://www.exploit-db.com/exploits/17419 • CWE-20: Improper Input Validation •