Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mozilla firefox 3.5.5 vulnerabilities and exploits

(subscribe to this query)
890
VMScore
CVE-2010-1122
Unspecified vulnerability in Mozilla Firefox 3.5.x up to and including 3.5.8 allows remote malicious users to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vul...
Mozilla Firefox 3.5.5Mozilla Firefox 3.5.3Mozilla Firefox 3.5.4Mozilla Firefox 3.5.1Mozilla Firefox 3.5.2Mozilla Firefox 3.5
383
VMScore
CVE-2010-2117
Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote malicious users to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
Mozilla Firefox 3.5.1Mozilla Firefox 3.5.2Mozilla Firefox 3.6Mozilla Firefox 3.5.5Mozilla Firefox 3.5.6Mozilla Firefox 3.5.3Mozilla Firefox 3.5.4Mozilla Firefox 3.0.19Mozilla Firefox 3.5Mozilla Firefox 3.5.7Mozilla Firefox 3.5.9
445
VMScore
CVE-2009-3988
Mozilla Firefox 3.0.x prior to 3.0.18 and 3.5.x prior to 3.5.8, and SeaMonkey prior to 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote malicious users to bypass the Same Origin Policy and conduct cross-site scripting (XSS...
Mozilla Firefox 3.0.14Mozilla Firefox 3.0.2Mozilla Firefox 3.0.15Mozilla FirefoxMozilla Firefox 3.5.6Mozilla Firefox 3.5.7Mozilla Seamonkey 2.0Mozilla Firefox 3.0Mozilla Firefox 3.0.1Mozilla Firefox 3.0.3Mozilla Firefox 3.0.4Mozilla Firefox 3.0.5Mozilla Firefox 3.5Mozilla Firefox 3.5.1Mozilla Firefox 3.0.12Mozilla Firefox 3.0.13Mozilla Firefox 3.0.8Mozilla Firefox 3.0.9Mozilla Firefox 3.5.4Mozilla Firefox 3.5.5Mozilla Firefox 3.0.10Mozilla Firefox 3.0.11
445
VMScore
CVE-2010-1990
Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and previous versions, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote malicious users to cause a denial of service (excessive application launches) ...
Mozilla Firefox 3.6.2Mozilla Firefox 3.6.3Mozilla Firefox 3.6.1Mozilla Firefox 3.5.1Mozilla Firefox 3.5.6Mozilla Firefox 3.5.7Mozilla Firefox 3.5.2Mozilla Firefox 3.5.3Mozilla Firefox 3.5.4Mozilla Firefox 3.5.5Mozilla FirefoxMozilla Firefox 3.0.10Mozilla Firefox 3.0.9Mozilla Firefox 3.0.2Mozilla Firefox 3.0.1Mozilla Firefox 3.0.13Mozilla Firefox 3.0.12Mozilla Firefox 3.0.11Mozilla Firefox 3.0.4Mozilla Firefox 3.0.3Mozilla Firefox 3.0.17Mozilla Firefox 3.0.16
383
VMScore
CVE-2009-3978
The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox prior to 3.5.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a diff...
Mozilla Firefox 0.9Mozilla Firefox 1.0.3Mozilla Firefox 1.0.2Mozilla Firefox 1.0.5Mozilla Firefox 0.2Mozilla Firefox 1.5Mozilla Firefox 2.0.0.10Mozilla Firefox 1.4.1Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0.0.5Mozilla Firefox 2.0.0.6Mozilla Firefox 3.0Mozilla Firefox 2.0.0.9Mozilla Firefox 0.9.2Mozilla Firefox 1.0Mozilla Firefox 1.0.4Mozilla Firefox 1.0.6Mozilla Firefox 0.4Mozilla Firefox 0.6Mozilla Firefox 1.5.0.5
445
VMScore
CVE-2010-0220
The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox prior to 3.5.7 allows remote malicious users to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory al...
Mozilla Firefox 0.9Mozilla Firefox 0.9.3Mozilla Firefox 1.0.5Mozilla Firefox 1.0.4Mozilla Firefox 0.3Mozilla Firefox 0.4Mozilla Firefox 1.4.1Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.3Mozilla Firefox 1.5Mozilla Firefox 2.0Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0.0.11Mozilla Firefox 2.0.0.9Mozilla Firefox 2.0.0.8Mozilla Firefox 3.5.5Mozilla Firefox 0.10.1Mozilla Firefox 0.9.1Mozilla Firefox 1.0.3Mozilla Firefox 1.0.2Mozilla Firefox 0.7.1
383
VMScore
CVE-2010-0648
Mozilla Firefox, possibly prior to 3.6, allows remote malicious users to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.style...
Mozilla FirefoxMozilla Firefox 3.5.6Mozilla Firefox 3.5.5Mozilla Firefox 3.0.8Mozilla Firefox 3.0.7Mozilla Firefox 3.0.14Mozilla Firefox 3.0.13Mozilla Firefox 2.0.0.18Mozilla Firefox 2.0.0.17Mozilla Firefox 2.0.0.10Mozilla Firefox 2.0.0.9Mozilla Firefox 3.5.4Mozilla Firefox 3.5.3Mozilla Firefox 3.0.6Mozilla Firefox 3.0.5Mozilla Firefox 3.0.12Mozilla Firefox 3.0.11Mozilla Firefox 2.0.0.16Mozilla Firefox 2.0.0.15Mozilla Firefox 2.0.0.8Mozilla Firefox 2.0.0.7Mozilla Firefox 2.0
950
VMScore
CVE-2010-3765
Mozilla Firefox 3.5.x up to and including 3.5.14 and 3.6.x up to and including 3.6.11, Thunderbird 3.1.6 prior to 3.1.6 and 3.0.x prior to 3.0.10, and SeaMonkey 2.x prior to 2.0.10, when JavaScript is enabled, allows remote malicious users to execute arbitrary code via vectors re...
Mozilla Firefox 3.5.5Mozilla Firefox 3.5.4Mozilla Firefox 3.5.1Mozilla Firefox 3.5Mozilla Firefox 3.5.7Mozilla Firefox 3.5.6Mozilla Firefox 3.5.12Mozilla Firefox 3.5.11Mozilla Firefox 3.5.10Mozilla Firefox 3.5.9Mozilla Firefox 3.5.8Mozilla Firefox 3.5.14Mozilla Firefox 3.5.13Mozilla Firefox 3.5.3Mozilla Firefox 3.5.2Mozilla Firefox 3.6.4Mozilla Firefox 3.6.6Mozilla Firefox 3.6.2Mozilla Firefox 3.6.3Mozilla Firefox 3.6.10Mozilla Firefox 3.6.11Mozilla Firefox 3.6.9
516
VMScore
CVE-2008-7293
Mozilla Firefox prior to 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle malicious users to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Tran...
Mozilla Firefox 3.5.6Mozilla Firefox 3.5.10Mozilla Firefox 3.0.16Mozilla Firefox 3.0.14Mozilla Firefox 3.0.7Mozilla Firefox 3.0.5Mozilla Firefox 2.0.0.12Mozilla Firefox 2.0.0.20Mozilla Firefox 2.0.0.16Mozilla Firefox 2.0.0.15Mozilla Firefox 2.0.0.7Mozilla Firefox 2.0.0.4Mozilla Firefox 2.0.0.2Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.1Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.6Mozilla Firefox 1.0.1Mozilla Firefox 1.0.6Mozilla Firefox 1.0
445
VMScore
CVE-2011-2370
Mozilla Firefox prior to 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote malicious users to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.
Mozilla Firefox 3.5.1Mozilla Firefox 3.5.10Mozilla Firefox 3.5.9Mozilla Firefox 3.5.2Mozilla Firefox 3.5.3Mozilla Firefox 3.5.8Mozilla Firefox 3.5Mozilla Firefox 3.0.10Mozilla Firefox 3.0.9Mozilla Firefox 3.0.2Mozilla Firefox 3.0.1Mozilla Firefox 2.0.0.9Mozilla Firefox 2.0.0.17Mozilla Firefox 2.0.0.18Mozilla Firefox 2.0.0.6Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.3Mozilla Firefox 1.5Mozilla Firefox 1.5.8Mozilla Firefox 1.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook