Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mozilla firefox 1.8 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2007-1116
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history....
Mozilla Firefox 1.8
NA
CVE-2007-3656
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302...
Mozilla Firefox 1.0Mozilla Firefox 1.0.1Mozilla Firefox 1.0.8Mozilla Firefox 1.5Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.6Mozilla Firefox 1.0.2Mozilla Firefox 1.0.3Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.11Mozilla Firefox 1.0.6Mozilla Firefox 1.0.7Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.2Mozilla Firefox 1.5.3Mozilla Firefox 1.5.0.7Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.6Mozilla Firefox 1.5.7Mozilla Firefox 1.5.4Mozilla Firefox 1.5.5Mozilla Firefox 1.0.4Mozilla Firefox 1.0.5Mozilla Firefox 1.5.0.12Mozilla Firefox 1.5.0.2Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.1Mozilla Firefox 1.5.8Mozilla Firefox 1.8
NA
CVE-2008-3836
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions....
Mozilla Firefox 0.9 RcMozilla Firefox 0.8Mozilla Firefox 2.0.0.12Mozilla Firefox 1.5Mozilla Firefox 1.5.2Mozilla Firefox 1.5.0.6Mozilla Firefox 1.8Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.11Mozilla FirefoxMozilla Firefox 1.5.4Mozilla Firefox 1.0.2Mozilla Firefox 0.9.1Mozilla Firefox 1.0.4Mozilla Firefox 1.0.7Mozilla Firefox 0.10.1Mozilla Firefox 0.9Mozilla Firefox 1.5.6Mozilla Firefox 2.0.0.15Mozilla Firefox 1.0Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0Mozilla Firefox 1.0.1Mozilla Firefox 2.0.0.14Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.7Mozilla Firefox 1.5.0.12Mozilla Firefox 2.0.0.11Mozilla Firefox 1.5.0.2Mozilla Firefox 1.0.3Mozilla Firefox 1.5.1Mozilla Firefox 0.9.3Mozilla Firefox 2.0.0.13Mozilla Firefox 2.0.0.1Mozilla Firefox 1.5.5Mozilla Firefox 0.9.2Mozilla Firefox 1.5.8Mozilla Firefox 1.5.3Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.1Mozilla Firefox 0.10Mozilla Firefox 1.0.5Mozilla Firefox 2.0.0.10Mozilla Firefox 1.0.6Mozilla Firefox 1.0.8
NA
CVE-2007-5960
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass...
Mozilla Firefox 0.8Mozilla Firefox 1.5.2Mozilla Firefox 1.5.0.6Mozilla Firefox 1.8Mozilla Firefox 2.0.0.2Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.4Mozilla Firefox 1.0.2Mozilla Firefox 1.5Mozilla Firefox 0.9.1Mozilla Firefox 1.0.4Mozilla Firefox 2.0.0.7Mozilla Firefox 1.0.7Mozilla Firefox 2.0.0.9Mozilla Firefox 0.10.1Mozilla Firefox 0.9Mozilla Firefox 1.5.6Mozilla Firefox 1.0Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0Mozilla Firefox 1.0.1Mozilla Firefox 1.5.0.8Mozilla Firefox 2.0.0.3Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.7Mozilla Firefox 1.5.0.12Mozilla Firefox 2.0.0.6Mozilla Firefox 1.5.0.2Mozilla Firefox 1.0.3Mozilla Firefox 2.0.0.4Mozilla Firefox 1.5.1Mozilla Firefox 0.9.3Mozilla Firefox 2.0.0.1Mozilla Firefox 1.5.5Mozilla Firefox 0.9.2Mozilla Firefox 2.0.0.8Mozilla Firefox 1.5.8Mozilla Firefox 1.5.3Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.1Mozilla Firefox 0.10Mozilla Firefox 1.0.5Mozilla Firefox 2.0.0.5Mozilla Firefox 1.0.6Mozilla Firefox 1.0.8Mozilla Seamonkey
NA
CVE-2008-4059
The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element....
Mozilla Firefox 2.0.0.14Mozilla Firefox 2.0.0.12Mozilla Firefox 1.0.1Mozilla Firefox 1.0Mozilla Firefox 1.0.7Mozilla Firefox 1.0.6Mozilla Firefox 2.0.0.13Mozilla FirefoxMozilla Firefox 1.5.0.12Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.7Mozilla Firefox 1.5.6Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0Mozilla Firefox 0.10Mozilla Firefox 0.8Mozilla Firefox 1.0.3Mozilla Firefox 0.9Mozilla Firefox 1.5Mozilla Firefox 1.0.8Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.2Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.0.7Mozilla Firefox 1.5.5Mozilla Firefox 2.0.0.6Mozilla Firefox 2.0.0.5Mozilla Firefox 0.9.3Mozilla Firefox 0.9.2Mozilla Firefox 2.0.0.8Mozilla Firefox 1.0.4Mozilla Firefox 2.0.0.11Mozilla Firefox 2.0.0.15Mozilla Firefox 1.5.0.11Mozilla Firefox 2.0.0.7Mozilla Firefox 1.5.1Mozilla Firefox 1.5.2Mozilla Firefox 1.8Mozilla Firefox 1.5.8Mozilla Firefox 0.9 RcMozilla Firefox 2.0.0.2Mozilla Firefox 0.10.1Mozilla Firefox 0.9.1Mozilla Firefox 1.0.2Mozilla Firefox 1.0.5Mozilla Firefox 2.0.0.10Mozilla Firefox 2.0.0.16Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.3Mozilla Firefox 1.5.4Mozilla Firefox 2.0.0.4Mozilla Firefox 2.0.0.3Mozilla Firefox 2.0.0.9
NA
CVE-2009-3978
The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a different...
Mozilla Firefox 0.9Mozilla Firefox 1.0.3Mozilla Firefox 1.0.2Mozilla Firefox 1.0.5Mozilla Firefox 0.2Mozilla Firefox 1.5Mozilla Firefox 2.0.0.10Mozilla Firefox 1.4.1Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0.0.5Mozilla Firefox 2.0.0.6Mozilla Firefox 3.0Mozilla Firefox 2.0.0.9Mozilla Firefox 0.9.2Mozilla Firefox 1.0Mozilla Firefox 1.0.4Mozilla Firefox 1.0.6Mozilla Firefox 0.4Mozilla Firefox 0.6Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.3Mozilla Firefox 1.5.1Mozilla Firefox 1.5.0.8Mozilla Firefox 2.0Mozilla Firefox 1.5.8Mozilla Firefox 2.0.0.2Mozilla Firefox 2.0.0.4Mozilla Firefox 2.0.0.8Mozilla Firefox 3.5Mozilla Firefox 3.5.3Mozilla Firefox 0.8Mozilla Firefox 0.10.1Mozilla Firefox 0.9.1Mozilla Firefox 0.6.1Mozilla Firefox 0.7Mozilla Firefox 0.7.1Mozilla Firefox 0.3Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.0.12Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.6Mozilla Firefox 1.5.5Mozilla Firefox 2.0.0.1Mozilla Firefox 3.5.2Mozilla FirefoxMozilla Firefox 0.10Mozilla Firefox 0.9.3Mozilla Firefox 1.0.1Mozilla Firefox 1.0.7Mozilla Firefox 1.0.8Mozilla Firefox 0.5Mozilla Firefox 0.1Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.2Mozilla Firefox 1.5.4Mozilla Firefox 1.5.2Mozilla Firefox 1.8Mozilla Firefox 1.5.7Mozilla Firefox 2.0.0.11Mozilla Firefox 2.0.0.3Mozilla Firefox 2.0.0.7Mozilla Firefox 3.0.5
NA
CVE-2010-0220
The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert...
Mozilla Firefox 0.9Mozilla Firefox 0.9.3Mozilla Firefox 1.0.5Mozilla Firefox 1.0.4Mozilla Firefox 0.3Mozilla Firefox 0.4Mozilla Firefox 1.4.1Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.3Mozilla Firefox 1.5Mozilla Firefox 2.0Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0.0.11Mozilla Firefox 2.0.0.9Mozilla Firefox 2.0.0.8Mozilla Firefox 3.5.5Mozilla Firefox 0.10.1Mozilla Firefox 0.9.1Mozilla Firefox 1.0.3Mozilla Firefox 1.0.2Mozilla Firefox 0.7.1Mozilla Firefox 1.0Mozilla Firefox 2.0.0.10Mozilla Firefox 1.5.0.12Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.0.7Mozilla Firefox 1.5.5Mozilla Firefox 2.0.0.6Mozilla Firefox 3.0Mozilla Firefox 0.9.2Mozilla Firefox 1.0.1Mozilla Firefox 1.0.7Mozilla Firefox 1.0.6Mozilla Firefox 0.5Mozilla Firefox 0.6Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.2Mozilla Firefox 1.5.4Mozilla Firefox 1.5.1Mozilla Firefox 1.5.2Mozilla Firefox 1.8Mozilla Firefox 1.5.8Mozilla Firefox 2.0.0.2Mozilla Firefox 2.0.0.3Mozilla Firefox 2.0.0.7Mozilla Firefox 3.5Mozilla Firefox 3.0.5Mozilla Firefox 3.5.4Mozilla FirefoxMozilla Firefox 0.10Mozilla Firefox 0.8Mozilla Firefox 1.0.8Mozilla Firefox 0.6.1Mozilla Firefox 0.7Mozilla Firefox 0.1Mozilla Firefox 0.2Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.7Mozilla Firefox 1.5.6Mozilla Firefox 2.0.0.4Mozilla Firefox 2.0.0.5Mozilla Firefox 3.5.3Mozilla Firefox 3.5.2
NA
CVE-2008-2933
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of...
Mozilla Firefox 0.10.1Mozilla Firefox 0.8Mozilla Firefox 1.0.2Mozilla Firefox 1.0.3Mozilla Firefox 1.0.4Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.0.7Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.6Mozilla Firefox 1.5.7Mozilla Firefox 1.5.8Mozilla Firefox 2.0.0.13Mozilla Firefox 2.0.0.14Mozilla Firefox 2.0.0.8Mozilla Firefox 2.0.0.9Mozilla Firefox 2.0 8Mozilla Firefox 3.0Mozilla Firefox 0.9.2Mozilla Firefox 0.9.3Mozilla Firefox 1.0.7Mozilla Firefox 1.0.8Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.2Mozilla Firefox 1.5.3Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0.0.10Mozilla Firefox 2.0.0.4Mozilla Firefox 2.0.0.5Mozilla Firefox 2.0 .4Mozilla Firefox 2.0 .5Mozilla Firefox 0.10Mozilla Firefox 1.0Mozilla Firefox 1.0.1Mozilla Firefox 1.5Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.4Mozilla Firefox 1.5.5Mozilla Firefox 2.0.0.11Mozilla Firefox 2.0.0.12Mozilla Firefox 2.0.0.6Mozilla Firefox 2.0.0.7Mozilla Firefox 2.0 .6Mozilla Firefox 2.0 .7Mozilla Firefox 2.0 .9Mozilla Firefox 0.9Mozilla Firefox 0.9.1Mozilla Firefox 1.0.5Mozilla Firefox 1.0.6Mozilla Firefox 1.5.0.12Mozilla Firefox 1.5.0.2Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.1Mozilla Firefox 1.8Mozilla Firefox 2.0Mozilla Firefox 2.0.0.2Mozilla Firefox 2.0.0.3Mozilla Firefox 2.0 .1Mozilla Firefox 2.0 .10Mozilla Firefox
NA
CVE-2008-4069
The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file....
Mozilla Seamonkey 1.0.5Mozilla Seamonkey 1.0.4Mozilla Seamonkey 1.0Mozilla Seamonkey 1.1Mozilla SeamonkeyMozilla Seamonkey 1.0.3Mozilla Seamonkey 1.0.2Mozilla Seamonkey 1.1.1Mozilla Seamonkey 1.1.10Mozilla Seamonkey 1.0.1Mozilla Seamonkey 1.0.8Mozilla Seamonkey 1.0.7Mozilla Seamonkey 1.0.6Mozilla Seamonkey 1.0.9Mozilla Seamonkey 1.0.99Mozilla Firefox 0.9Mozilla Firefox 0.9 RcMozilla Firefox 0.10Mozilla Firefox 1.0.7Mozilla Firefox 1.0.6Mozilla Firefox 1.5.0.12Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.4Mozilla Firefox 1.5.1Mozilla Firefox 1.8Mozilla Firefox 1.5.8Mozilla Firefox 2.0.0.14Mozilla Firefox 2.0.0.15Mozilla Firefox 0.8Mozilla Firefox 0.10.1Mozilla Firefox 1.0.1Mozilla Firefox 1.0Mozilla Firefox 1.0.8Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5Mozilla Firefox 1.5.2Mozilla Firefox 1.5.0.8Mozilla Firefox 2.0.0.12Mozilla FirefoxMozilla Firefox 0.9.3Mozilla Firefox 0.9.2Mozilla Firefox 1.0.5Mozilla Firefox 1.0.4Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.6Mozilla Firefox 1.5.5Mozilla Firefox 1.5.3Mozilla Firefox 2.0Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0.0.11Mozilla Firefox 0.9.1Mozilla Firefox 1.0.3Mozilla Firefox 1.0.2Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5.0.2Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.7Mozilla Firefox 1.5.0.9Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0.0.10Mozilla Firefox 2.0.0.13
NA
CVE-2009-1310
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element....
Mozilla Firefox 0.3Mozilla Firefox 0.4Mozilla Firefox 0.9.3Mozilla Firefox 0.7Mozilla Firefox 1.0Mozilla Firefox 1.0.3Mozilla Firefox 1.5.0.4Mozilla Firefox 1.5.0.5Mozilla Firefox 1.5Mozilla Firefox 1.5.0.6Mozilla Firefox 1.5.0.8Mozilla Firefox 1.5.0.9Mozilla Firefox 2.0.0.10Mozilla Firefox 2.0.0.15Mozilla Firefox 2.0.0.20Mozilla Firefox 2.0.0.17Mozilla Firefox 2.0Mozilla Firefox 2.0.0.7Mozilla Firefox 3.0.1Mozilla Firefox 2.0 8Mozilla Firefox 3.0.2Mozilla Firefox 3.0Mozilla Firefox 0.1Mozilla Firefox 0.10Mozilla Firefox 0.6.1Mozilla Firefox 0.8Mozilla Firefox 0.9Mozilla Firefox 0.9 RcMozilla Firefox 1.0.4Mozilla Firefox 1.0.7Mozilla Firefox 1.5.0.11Mozilla Firefox 1.5.0.12Mozilla Firefox 1.5.3Mozilla Firefox 1.5.4Mozilla Firefox 1.8Mozilla Firefox 2.0.0.11Mozilla Firefox 2.0.0.14Mozilla Firefox 2.0.0.2Mozilla Firefox 2.0.0.16Mozilla Firefox 2.0.0.5Mozilla Firefox 2.0.0.4Mozilla Firefox 3.0.6Mozilla Firefox 3.0.5Mozilla FirefoxMozilla Firefox 0.5Mozilla Firefox 0.6Mozilla Firefox 0.9.2Mozilla Firefox 0.7.1Mozilla Firefox 1.0.2Mozilla Firefox 1.0.5Mozilla Firefox 1.5.0.2Mozilla Firefox 1.5.0.3Mozilla Firefox 1.5.7Mozilla Firefox 1.5.6Mozilla Firefox 1.5.5Mozilla Firefox 1.5.0.7Mozilla Firefox 2.0.0.13Mozilla Firefox 2.0.0.1Mozilla Firefox 2.0.0.19Mozilla Firefox 2.0.0.3Mozilla Firefox 2.0.0.6Mozilla Firefox 3.0.7Mozilla Firefox 0.10.1Mozilla Firefox 0.2Mozilla Firefox 0.9.1Mozilla Firefox 1.0.6Mozilla Firefox 1.0.1Mozilla Firefox 1.0.8Mozilla Firefox 1.5.0.1Mozilla Firefox 1.5.0.10Mozilla Firefox 1.5.1Mozilla Firefox 1.5.2Mozilla Firefox 1.5.8Mozilla Firefox 2.0.0.12Mozilla Firefox 2.0.0.18Mozilla Firefox 2.0.0.21Mozilla Firefox 2.0.0.8Mozilla Firefox 2.0.0.9Mozilla Firefox 3.0.4Mozilla Firefox 3.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30758CSRFCVE-2021-44228CVE-2023-33633XPath injectionCVE-2023-33735CVE-2023-29336CVE-2023-34312cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook