Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mozilla firefox 43.0 vulnerabilities and exploits

(subscribe to this query)
4.7
CVSSv3
CVE-2016-1947
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote malicious users to trigger an unintended download by leveraging the absence of reputation data.
Canonical Ubuntu Linux 15.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Opensuse Leap 42.1Opensuse Opensuse 13.2Opensuse Opensuse 13.1Mozilla Firefox 43.0Mozilla Firefox 43.0.4Mozilla Firefox 43.0.3Mozilla Firefox 43.0.2Mozilla Firefox 43.0.1
NA
CVE-2015-7207
Mozilla Firefox prior to 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and perform...
Mozilla FirefoxOpensuse Leap 42.1Opensuse Opensuse 13.2Opensuse Opensuse 13.1Fedoraproject Fedora 22Fedoraproject Fedora 23
NA
CVE-2015-7208
Mozilla Firefox prior to 43.0 stores cookies containing vertical tab characters, which allows remote malicious users to obtain sensitive information by reading HTTP Cookie headers.
Mozilla FirefoxFedoraproject Fedora 23Fedoraproject Fedora 22Opensuse Leap 42.1Opensuse Opensuse 13.2Opensuse Opensuse 13.1
NA
CVE-2015-7202
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 43.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla FirefoxOpensuse Leap 42.1Opensuse Opensuse 13.2Opensuse Opensuse 13.1Fedoraproject Fedora 23Fedoraproject Fedora 22
NA
CVE-2015-7217
The gdk-pixbuf configuration in Mozilla Firefox prior to 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote malicious users to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.
Mozilla FirefoxOpensuse Opensuse 13.1Opensuse Opensuse 13.2Opensuse Leap 42.1Fedoraproject Fedora 23Fedoraproject Fedora 22
NA
CVE-2015-7218
The HTTP/2 implementation in Mozilla Firefox prior to 43.0 allows remote malicious users to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.
Opensuse Leap 42.1Opensuse Opensuse 13.2Opensuse Opensuse 13.1Fedoraproject Fedora 23Fedoraproject Fedora 22Mozilla Firefox
NA
CVE-2015-7219
The HTTP/2 implementation in Mozilla Firefox prior to 43.0 allows remote malicious users to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorre...
Opensuse Opensuse 13.2Opensuse Opensuse 13.1Opensuse Leap 42.1Mozilla FirefoxFedoraproject Fedora 22Fedoraproject Fedora 23
NA
CVE-2015-7221
Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox prior to 43.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.
Mozilla FirefoxFedoraproject Fedora 22Fedoraproject Fedora 23Opensuse Leap 42.1Opensuse Opensuse 13.2Opensuse Opensuse 13.1
NA
CVE-2015-7223
The WebExtension APIs in Mozilla Firefox prior to 43.0 allow remote malicious users to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.
Fedoraproject Fedora 23Fedoraproject Fedora 22Mozilla FirefoxOpensuse Leap 42.1Opensuse Opensuse 13.2Opensuse Opensuse 13.1
NA
CVE-2015-7203
Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox prior to 43.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.
Mozilla FirefoxFedoraproject Fedora 23Fedoraproject Fedora 22Opensuse Opensuse 13.2Opensuse Opensuse 13.1Opensuse Leap 42.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661open redirectCVE-2024-25512CVE-2024-33788command injectionSSTICVE-2024-0043CVE-2024-29210CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook