CVE-2008-7244 – Multiple Browsers - 'window.print()' Denial of Service
https://notcve.org/view.php?id=CVE-2008-7244
Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. Mozilla Firefox v3.0.1 y anteriores permite a atacantes remotos producir una denegación de servicio (navegador colgado) mediante una llamada en bucle a la función window.print, también conocido como "ataque DoS de impresión", posiblemente relacionado con CVE-2009-0821. • https://www.exploit-db.com/exploits/12509 http://websecurity.com.ua/2456 http://www.securityfocus.com/archive/1/506328/100/100/threaded • CWE-399: Resource Management Errors •
CVE-2009-3072 – Firefox 3.5.3 3.0.14 browser engine crashes
https://notcve.org/view.php?id=CVE-2009-3072
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación de Mozilla Firefox anterior a v3.0.14 y v3.5.x anterior a v3.5.3; permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o puede que ejecutar código de su elección a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/36669 http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 http://secunia.com/advisories/38977 http://secunia.com/advisories/39001 http://www.debian.org/security/2009/dsa-1885 http://www.mozilla.org/security/announce/2009/mfsa2009-47.html http://www.mozilla.org/security/announce/2010 •
CVE-2009-3078 – Firefox 3.5.3 3.0.14 Location bar spoofing via tall line-height Unicode characters
https://notcve.org/view.php?id=CVE-2009-3078
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property. Vulnerabilidad de truncado visual en Mozilla Firefox anteriores a v3.0.14, y v3.5.x anteriores a v3.5.3, permite a atacantes remotos iniciar un scroll vertical y falsificar URLs a traves de caracteres Unicode con una propiedad "line-height" alta. • http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 http://www.debian.org/security/2009/dsa-1885 http://www.mozilla.org/security/announce/2009/mfsa2009-50.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.securityfocus.com/bid/36343 http://www.securitytracker.com/id?1022875 https://bugzilla • CWE-20: Improper Input Validation •
CVE-2009-3079 – Firefox 3.5.3 3.0.14 Chrome privilege escalation with FeedWriter
https://notcve.org/view.php?id=CVE-2009-3079
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter. Vulnerabilidad inespecífica en Mozilla Firefox anteriores a la v3.0.14, y v3.5.x anterior a la v3.5.3, permite a atacantes remotos ejecutar Javascript arbitrario con privilegios de chrome a través de vectores que incluyen un objeto, el FeedWriter, y el BrowserFeedWriter. • http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36757 http://secunia.com/advisories/37098 http://www.debian.org/security/2009/dsa-1886 http://www.mozilla.org/security/announce/2009/mfsa2009-51.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.securityfocus.com/bid/36343 http://www.securitytracker.com/id?1022873 https://bugzilla • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-3074 – Firefox 3.5 3.0.14 JavaScript engine crashes
https://notcve.org/view.php?id=CVE-2009-3074
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el motor JavaScript de Mozilla Firefox en versiones anteriores a la v3.0.14 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección a través de vectores de ataque desconocidos. • http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 http://www.debian.org/security/2009/dsa-1885 http://www.mozilla.org/security/announce/2009/mfsa2009-47.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.securityfocus.com/bid/36343 https://bugzilla.mozilla.org/show_bug.cgi?id=467493 https: •