CVE search results

121 – 130 of 226 results

Detailed view

Sort by:

CVE-2009-3375

Low priority

Fixed

content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the...

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-3374

Medium priority

Fixed

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects...

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-3376

Low priority

Fixed

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof...

5 affected packages

firefox-3.0, firefox-3.5, thunderbird, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2008-7244

Low priority

Ignored

Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.

9 affected packages

firefox, firefox-3.0, firefox-3.5, mozilla-thunderbird, seamonkey...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox	—	—	—	—	—
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
mozilla-thunderbird	—	—	—	—	—
seamonkey	—	—	—	—	—
thunderbird	—	—	—	—	—
xulrunner	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-3079

Medium priority

Fixed

Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-3078

Low priority

Fixed

Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-3076

Medium priority

Fixed

Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing...

2 affected packages

firefox-3.0, xulrunner-1.9

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—

CVE-2009-3074

Medium priority

Fixed

Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-3071

Medium priority

Fixed

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

CVE-2009-3070

Medium priority

Fixed

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
firefox-3.0	—	—	—	—	—
firefox-3.5	—	—	—	—	—
xulrunner-1.9	—	—	—	—	—
xulrunner-1.9.1	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports