Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mozilla firefox 25.0 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2013-5592
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 25.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox 20.0.1Mozilla Firefox 20.0Mozilla Firefox 19.0.2Mozilla Firefox 19.0.1Mozilla Firefox 19.0Mozilla FirefoxMozilla Firefox 23.0.1Mozilla Firefox 23.0Mozilla Firefox 22.0Mozilla Firefox 21.0
NA
CVE-2013-5591
Unspecified vulnerability in the browser engine in Mozilla Firefox prior to 25.0, Firefox ESR 24.x prior to 24.1, Thunderbird prior to 24.1, and SeaMonkey prior to 2.22 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibl...
Mozilla Firefox 19.0Mozilla Firefox 22.0Mozilla FirefoxMozilla Firefox 20.0Mozilla Firefox 23.0.1Mozilla Firefox 21.0Mozilla Firefox 20.0.1Mozilla Firefox 19.0.2Mozilla Firefox 19.0.1Mozilla Firefox 23.0Mozilla Thunderbird 24.0Mozilla ThunderbirdMozilla Thunderbird 17.0.7Mozilla Thunderbird 17.0.8Mozilla Thunderbird 17.0.3Mozilla Thunderbird 17.0.4Mozilla Thunderbird 17.0Mozilla Thunderbird 17.0.1Mozilla Thunderbird 17.0.2Mozilla Thunderbird Esr 17.0.9Mozilla Thunderbird 17.0.5Mozilla Thunderbird 17.0.6
NA
CVE-2013-5590
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 25.0, Firefox ESR 17.x prior to 17.0.10 and 24.x prior to 24.1, Thunderbird prior to 24.1, Thunderbird ESR 17.x prior to 17.0.10, and SeaMonkey prior to 2.22 allow remote malicious users to cau...
Mozilla Seamonkey 2.14Mozilla Seamonkey 2.13Mozilla Seamonkey 2.12Mozilla Seamonkey 2.11Mozilla Seamonkey 2.1Mozilla Seamonkey 2.0.9Mozilla Seamonkey 2.0.8Mozilla Seamonkey 2.0.14Mozilla Seamonkey 2.0.13Mozilla Seamonkey 2.0Mozilla Seamonkey 2.20Mozilla Seamonkey 2.19Mozilla Seamonkey 2.17.1Mozilla Seamonkey 2.17Mozilla Seamonkey 2.16Mozilla Seamonkey 2.15Mozilla Seamonkey 2.21Mozilla Seamonkey 2.10.1Mozilla Seamonkey 2.0.7Mozilla Seamonkey 2.0.6Mozilla Seamonkey 2.0.12Mozilla Seamonkey 2.0.11
NA
CVE-2013-5598
PDF.js in Mozilla Firefox prior to 25.0 and Firefox ESR 24.x prior to 24.1 does not properly handle the appending of an IFRAME element, which allows remote malicious users to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element wi...
Mozilla Firefox Esr 24.0.1Mozilla Firefox Esr 24.0.2Mozilla Firefox Esr 24.0Mozilla Firefox 21.0Mozilla Firefox 20.0.1Mozilla Firefox 19.0.2Mozilla Firefox 19.0.1Mozilla Firefox 23.0Mozilla Firefox 19.0Mozilla Firefox 22.0Mozilla FirefoxMozilla Firefox 20.0Mozilla Firefox 23.0.1
NA
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 30.0Mozilla Firefox 3.6.9Mozilla Firefox 3.6.8Mozilla Firefox 3.6.26Mozilla Firefox 3.6.25Mozilla Firefox 3.6.19Mozilla Firefox 3.6.18Mozilla Firefox 3.6.10Mozilla Firefox 3.6Mozilla Firefox 3.5.3Mozilla Firefox 3.5.2Mozilla Firefox 3.5.13Mozilla Firefox 3.5.12Mozilla Firefox 3.0.6Mozilla Firefox 3.0.5Mozilla Firefox 3.0.16Mozilla Firefox 3.0.15Mozilla Firefox 3.0Mozilla Firefox 29.0.1Mozilla Firefox 24.1.1Mozilla Firefox 24.1Mozilla Firefox 20.0
NA
CVE-2015-0820
Mozilla Firefox prior to 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote malicious users to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mech...
Opensuse Opensuse 13.2Opensuse Opensuse 13.1Mozilla Firefox 30.0Mozilla Firefox 3.6.9Mozilla Firefox 3.6.27Mozilla Firefox 3.6.26Mozilla Firefox 3.6.19Mozilla Firefox 3.6.18Mozilla Firefox 3.6.11Mozilla Firefox 3.6.10Mozilla Firefox 3.5.4Mozilla Firefox 3.5.3Mozilla Firefox 3.5.13Mozilla Firefox 3.5.12Mozilla Firefox 3.0.7Mozilla Firefox 3.0.6Mozilla Firefox 3.0.17Mozilla Firefox 3.0.16Mozilla Firefox 3.0Mozilla Firefox 29.0.1Mozilla Firefox 25.0Mozilla Firefox 24.1.1
NA
CVE-2015-0821
Mozilla Firefox prior to 36.0 allows user-assisted remote malicious users to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
Mozilla Firefox 32.0Mozilla Firefox 31.1.0Mozilla Firefox 3.6.4Mozilla Firefox 3.6.3Mozilla Firefox 3.6.21Mozilla Firefox 3.6.20Mozilla Firefox 3.6.14Mozilla Firefox 3.6.13Mozilla Firefox 3.5.7Mozilla Firefox 3.5.6Mozilla Firefox 3.5.16Mozilla Firefox 3.5.15Mozilla Firefox 3.5Mozilla Firefox 3.0.9Mozilla Firefox 3.0.2Mozilla Firefox 3.0.19Mozilla Firefox 3.0.11Mozilla Firefox 3.0.10Mozilla Firefox 27.0Mozilla Firefox 26.0Mozilla Firefox 23.0Mozilla Firefox 22.0
NA
CVE-2015-0824
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox prior to 36.0 allows remote malicious users to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo l...
Opensuse Opensuse 13.2Opensuse Opensuse 13.1Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 14.10Mozilla Firefox 32.0Mozilla Firefox 31.1.0Mozilla Firefox 3.6.4Mozilla Firefox 3.6.3Mozilla Firefox 3.6.22Mozilla Firefox 3.6.21Mozilla Firefox 3.6.14Mozilla Firefox 3.6.13Mozilla Firefox 3.5.7Mozilla Firefox 3.5.6Mozilla Firefox 3.5.17Mozilla Firefox 3.5.16Mozilla Firefox 3.5.15Mozilla Firefox 3.5Mozilla Firefox 3.0.9Mozilla Firefox 3.0.2Mozilla Firefox 3.0.19
NA
CVE-2015-0825
Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox prior to 36.0 allows remote malicious users to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during pl...
Canonical Ubuntu Linux 14.10Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 12.04Opensuse Opensuse 13.1Opensuse Opensuse 13.2Mozilla FirefoxMozilla Firefox 34.0.5Mozilla Firefox 3.6.8Mozilla Firefox 3.6.7Mozilla Firefox 3.6.24Mozilla Firefox 3.6.23Mozilla Firefox 3.6.17Mozilla Firefox 3.6.16Mozilla Firefox 3.6Mozilla Firefox 3.5.9Mozilla Firefox 3.5.19Mozilla Firefox 3.5.18Mozilla Firefox 3.5.11Mozilla Firefox 3.5.10Mozilla Firefox 3.0.5Mozilla Firefox 3.0.4Mozilla Firefox 3.0.14
NA
CVE-2015-0826
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox prior to 36.0 allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a...
Mozilla Firefox 34.0.5Mozilla Firefox 33.0Mozilla Firefox 3.6.7Mozilla Firefox 3.6.6Mozilla Firefox 3.6.23Mozilla Firefox 3.6.22Mozilla Firefox 3.6.16Mozilla Firefox 3.6.15Mozilla Firefox 3.5.9Mozilla Firefox 3.5.8Mozilla Firefox 3.5.18Mozilla Firefox 3.5.17Mozilla Firefox 3.5.10Mozilla Firefox 3.5.1Mozilla FirefoxMozilla Firefox 3.6.9Mozilla Firefox 3.6.8Mozilla Firefox 3.6.26Mozilla Firefox 3.6.25Mozilla Firefox 3.6.24Mozilla Firefox 3.6.18Mozilla Firefox 3.6.17
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook