Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mozilla firefox 1.8 vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2007-1116
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote malicious users to obtain sensitive information by querying the browser's session history.
Mozilla Firefox 1.8
6.8
CVSSv2
CVE-2007-3656
Mozilla Firefox prior to 1.8.0.13 and 1.8.1.x prior to 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote malicious users to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) H...
Mozilla Firefox 1.0Mozilla Firefox 1.0.1Mozilla Firefox 1.0.8Mozilla Firefox 1.5Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.6Mozilla Firefox 1.0.2Mozilla Firefox 1.0.3Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.11Mozilla Firefox 1.0.6Mozilla Firefox 1.0.7Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.2Mozilla Firefox 1.5.3Mozilla Firefox 1.5.0.7Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.6Mozilla Firefox 1.5.7Mozilla Firefox 1.5.4
7.5
CVSSv2
CVE-2008-3836
feedWriter in Mozilla Firefox prior to 2.0.0.17 allows remote malicious users to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI funct...
Mozilla Firefox 0.9 RcMozilla Firefox 0.8Mozilla Firefox 2.0.0.12Mozilla Firefox 1.5Mozilla Firefox 1.5.2Mozilla Firefox 1.5.0.6Mozilla Firefox 1.8Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.11Mozilla FirefoxMozilla Firefox 1.5.4Mozilla Firefox 1.0.2Mozilla Firefox 0.9.1Mozilla Firefox 1.0.4Mozilla Firefox 1.0.7Mozilla Firefox 0.10.1Mozilla Firefox 0.9Mozilla Firefox 1.5.6Mozilla Firefox 2.0.0.15Mozilla Firefox 1.0Mozilla Firefox 1.5.0.7
4.3
CVSSv2
CVE-2007-5960
Mozilla Firefox prior to 2.0.0.10 and SeaMonkey prior to 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote malicious users to spoof HTTP Referer headers and bypass ...
Mozilla Firefox 0.8Mozilla Firefox 1.5.2Mozilla Firefox 1.5.0.6Mozilla Firefox 1.8Mozilla Firefox 2.0.0.2Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.4Mozilla Firefox 1.0.2Mozilla Firefox 1.5Mozilla Firefox 0.9.1Mozilla Firefox 1.0.4Mozilla Firefox 2.0.0.7Mozilla Firefox 1.0.7Mozilla Firefox 2.0.0.9Mozilla Firefox 0.10.1Mozilla Firefox 0.9Mozilla Firefox 1.5.6Mozilla Firefox 1.0Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0
9.3
CVSSv2
CVE-2006-1737
Integer overflow in Mozilla Firefox and Thunderbird 1.x prior to 1.5 and 1.0.x prior to 1.0.8, Mozilla Suite prior to 1.7.13, and SeaMonkey prior to 1.0 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with ...
Mozilla Firefox 1.0Mozilla Firefox 1.0.1Mozilla Firefox 1.5Mozilla Mozilla Suite 1.7.8Mozilla Seamonkey 1.0Mozilla Thunderbird 1.0.5Mozilla Thunderbird 1.0.6Mozilla Firefox 1.0.2Mozilla Firefox 1.0.3Mozilla Mozilla Suite 1.7.10Mozilla Thunderbird 1.0Mozilla Thunderbird 1.0.1Mozilla Thunderbird 1.0.7Mozilla Thunderbird 1.5Mozilla Firefox 1.0.4Mozilla Firefox 1.0.5Mozilla Mozilla Suite 1.7.11Mozilla Mozilla Suite 1.7.12Mozilla Thunderbird 1.0.2Mozilla Thunderbird 1.0.3Mozilla Firefox 1.0.6Mozilla Firefox 1.0.7
5
CVSSv2
CVE-2006-1738
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x prior to 1.5 and 1.0.x prior to 1.0.8, Mozilla Suite prior to 1.7.13, and SeaMonkey prior to 1.0 allows remote malicious users to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-gro...
Mozilla Firefox 1.0.2Mozilla Firefox 1.0.3Mozilla Mozilla Suite 1.7.10Mozilla Mozilla Suite 1.7.11Mozilla Mozilla Suite 1.7.12Mozilla Thunderbird 1.0.1Mozilla Thunderbird 1.0.2Mozilla Thunderbird 1.5Mozilla Firefox 1.0.4Mozilla Firefox 1.0.5Mozilla Mozilla Suite 1.7.6Mozilla Mozilla Suite 1.7.7Mozilla Thunderbird 1.0.3Mozilla Thunderbird 1.0.4Mozilla Firefox 1.0.6Mozilla Firefox 1.0.7Mozilla Mozilla Suite 1.7.8Mozilla Seamonkey 1.0Mozilla Thunderbird 1.0.5Mozilla Firefox 1.0Mozilla Firefox 1.0.1Mozilla Firefox 1.5
7.5
CVSSv2
CVE-2008-4059
The XPConnect component in Mozilla Firefox prior to 2.0.0.17 allows remote malicious users to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.
Mozilla Firefox 2.0.0.14Mozilla Firefox 2.0.0.12Mozilla Firefox 1.0.1Mozilla Firefox 1.0Mozilla Firefox 1.0.7Mozilla Firefox 1.0.6Mozilla Firefox 2.0.0.13Mozilla FirefoxMozilla Firefox 1.5.0.12Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.7Mozilla Firefox 1.5.6Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0Mozilla Firefox 0.10Mozilla Firefox 0.8Mozilla Firefox 1.0.3Mozilla Firefox 0.9Mozilla Firefox 1.5Mozilla Firefox 1.0.8
4.3
CVSSv2
CVE-2009-3978
The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox prior to 3.5.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a diff...
Mozilla Firefox 0.9Mozilla Firefox 1.0.3Mozilla Firefox 1.0.2Mozilla Firefox 1.0.5Mozilla Firefox 0.2Mozilla Firefox 1.5Mozilla Firefox 2.0.0.10Mozilla Firefox 1.4.1Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0.0.5Mozilla Firefox 2.0.0.6Mozilla Firefox 3.0Mozilla Firefox 2.0.0.9Mozilla Firefox 0.9.2Mozilla Firefox 1.0Mozilla Firefox 1.0.4Mozilla Firefox 1.0.6Mozilla Firefox 0.4Mozilla Firefox 0.6Mozilla Firefox 1.5.0.5
2.6
CVSSv2
CVE-2008-2933
Mozilla Firefox prior to 2.0.0.16, and 3.x prior to 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote malicious users to access chrome:i URIs, or read arbitrary local files via manipulations involving a ...
Mozilla Firefox 0.10.1Mozilla Firefox 0.8Mozilla Firefox 1.0.2Mozilla Firefox 1.0.3Mozilla Firefox 1.0.4Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.0.7Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.6Mozilla Firefox 1.5.7Mozilla Firefox 1.5.8Mozilla Firefox 2.0.0.13Mozilla Firefox 2.0.0.14Mozilla Firefox 2.0.0.8Mozilla Firefox 2.0.0.9Mozilla Firefox 2.0 8Mozilla Firefox 3.0Mozilla Firefox 0.9.2Mozilla Firefox 0.9.3Mozilla Firefox 1.0.7Mozilla Firefox 1.0.8
5
CVSSv2
CVE-2010-0220
The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox prior to 3.5.7 allows remote malicious users to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory al...
Mozilla Firefox 0.9Mozilla Firefox 0.9.3Mozilla Firefox 1.0.5Mozilla Firefox 1.0.4Mozilla Firefox 0.3Mozilla Firefox 0.4Mozilla Firefox 1.4.1Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.3Mozilla Firefox 1.5Mozilla Firefox 2.0Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0.0.11Mozilla Firefox 2.0.0.9Mozilla Firefox 2.0.0.8Mozilla Firefox 3.5.5Mozilla Firefox 0.10.1Mozilla Firefox 0.9.1Mozilla Firefox 1.0.3Mozilla Firefox 1.0.2Mozilla Firefox 0.7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook