CVSS: 7.1EPSS: 10%CPEs: 77EXPL: 5CVE-2009-1302 – Firefox 3 Layout engine crashes
https://notcve.org/view.php?id=CVE-2009-1302
22 Apr 2009 — The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) P... • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 19%CPEs: 77EXPL: 1CVE-2009-1305 – Firefox 2 and 3 JavaScript engine crash
https://notcve.org/view.php?id=CVE-2009-1305
22 Apr 2009 — The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute. El motor JavaScript en Mozilla Firefox antes de 3.0.9, Thunderbird antes de 2.0.0.22, y SeaMonkey antes de 1.1.16 permite a atacantes remotos provocar una denegación de servicio (caída de la aplica... • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 30%CPEs: 77EXPL: 2CVE-2009-1304 – Firefox 3 JavaScript engine crashes
https://notcve.org/view.php?id=CVE-2009-1304
22 Apr 2009 — The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration. El motor JavaScript en Mozilla Firefox v3.x en anteriores a v3.0.9, Thunderbird anteriores a v2.0.0.22, y SeaMonkey anteriores a v1.1.16 permite a atacantes re... • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 22%CPEs: 88EXPL: 0CVE-2009-0772 – Firefox 2 and 3 - Layout engine crashes
https://notcve.org/view.php?id=CVE-2009-0772
05 Mar 2009 — The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption. El motor en Mozilla Firefox 2 y 3 anteriores v3.0.7, Thunderbird anteriores a v2.0.0.21, y SeaMonkey v1.1.15 permite a los atacantes remotos causar una denegación de servicios (caída) y ... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 88EXPL: 0CVE-2009-0776 – Firefox XML data theft via RDFXMLDataSource and cross-domain redirect
https://notcve.org/view.php?id=CVE-2009-0776
05 Mar 2009 — nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. nsIRDFService de Mozilla Firefox anterior a v3.0.7, Thunderbird anterior a v2.0.0.21 y SeaMonkey anterior a v1.1.15; permite a atacantes remotos evitar la política de same-origin -mismo origen- y leer datos XML desde otro dominio a través de una redirección de dominio cruzado. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 79%CPEs: 88EXPL: 0CVE-2009-0771 – Firefox 3 Layout Engine Crashes
https://notcve.org/view.php?id=CVE-2009-0771
05 Mar 2009 — The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures. El motor de diseño en Mozilla Firefox anterior a v3.0.7, Thunderbird anterior a v2.0.0.21, y SeaMonkey v1.1.15, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente la ejecución de código de su elección a ... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 5.8EPSS: 1%CPEs: 88EXPL: 0CVE-2009-0777 – Firefox URL spoofing with invisible control characters
https://notcve.org/view.php?id=CVE-2009-0777
05 Mar 2009 — Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks. Mozilla Firefox en versiones anteriores a 3.0.7, Thunderbird en versiones anteriores 2.0.0.21 y SeaMonkey en versiones anteriores a 1.1.15, decodifican caracteres invisibles cuando son desplegados en la barra de ubica... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 6%CPEs: 88EXPL: 0CVE-2009-0774 – Firefox 2 and 3 crashes in the JavaScript engine
https://notcve.org/view.php?id=CVE-2009-0774
05 Mar 2009 — The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773. El motor de diseño en Mozilla Firefox 2 y 3 anterior a v3.0.7, Thunderbird anterior a v2.0.0.21, y SeaMonkey v1.1.15, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente la ejecución de código d... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 90%CPEs: 88EXPL: 2CVE-2009-0773 – Firefox 3 crashes in the JavaScript engine
https://notcve.org/view.php?id=CVE-2009-0773
05 Mar 2009 — The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion fa... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 26%CPEs: 88EXPL: 0CVE-2009-0775 – Mozilla Firefox XUL Linked Clones Double Free Vulnerability
https://notcve.org/view.php?id=CVE-2009-0775
05 Mar 2009 — Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection. Vulnerabilidad de doble liberación en Mozilla Firefox anteriores a v3.0.7, Thunderbird anteriores a v2.0.0.21, y SeaMonkey anteriores a v1.1.15 permite a atacantes remotos ejecutar código a su elección a través de "el... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html • CWE-399: Resource Management Errors •