Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mozilla firefox 5.0 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2011-3655
Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site....
Mozilla Firefox 4.0.1Mozilla Firefox 4.0Mozilla Firefox 5.0Mozilla Firefox 5.0.1Mozilla Firefox 6.0Mozilla Firefox 6.0.2Mozilla Firefox 6.0.1Mozilla Firefox 7.0Mozilla Thunderbird 5.0Mozilla Thunderbird 6.0Mozilla Thunderbird 6.0.1Mozilla Thunderbird 6.0.2Mozilla Thunderbird 7.0
NA
CVE-2012-0455
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows...
Mozilla FirefoxMozilla Firefox 4.0Mozilla Firefox 5.0.1Mozilla Firefox 5.0Mozilla Firefox 8.0.1Mozilla Firefox 9.0.1Mozilla Firefox 4.0.1Mozilla Firefox 7.0Mozilla Firefox 8.0Mozilla Firefox 6.0.2Mozilla Firefox 6.0.1Mozilla Firefox 9.0Mozilla Firefox 6.0Mozilla Firefox 7.0.1Mozilla Firefox Esr 10.2Mozilla Firefox Esr 10.1Mozilla Firefox Esr 10.0Mozilla ThunderbirdMozilla Thunderbird 5.0Mozilla Thunderbird 6.0Mozilla Thunderbird 6.0.1Mozilla Thunderbird 6.0.2Mozilla Thunderbird 8.0Mozilla Thunderbird 9.0.1Mozilla Thunderbird 9.0Mozilla Thunderbird Esr 10.0.1Mozilla Thunderbird Esr 10.0.2Mozilla Thunderbird Esr 10.0Mozilla Seamonkey
NA
CVE-2012-1965
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL....
Mozilla Firefox 4.0Mozilla Firefox 6.0.1Mozilla Firefox 7.0.1Mozilla Firefox 12.0Mozilla Firefox 13.0Mozilla Firefox 5.0Mozilla Firefox 5.0.1Mozilla Firefox 8.0.1Mozilla Firefox 9.0.1Mozilla Firefox 4.0.1Mozilla Firefox 6.0Mozilla Firefox 6.0.2Mozilla Firefox 9.0Mozilla Firefox 11.0Mozilla Firefox 7.0Mozilla Firefox 8.0Mozilla Firefox Esr 10.0.5Mozilla Firefox Esr 10.0.2Mozilla Firefox Esr 10.0.3Mozilla Firefox Esr 10.0.4Mozilla Firefox Esr 10.0Mozilla Firefox Esr 10.0.1
8.8
CVSSv3
CVE-2016-5252
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region...
Oracle Linux 7Oracle Linux 5.0Oracle Linux 6Mozilla Firefox Esr 45.1.1Mozilla Firefox Esr 45.1.0Mozilla FirefoxMozilla Firefox Esr 45.2.0Mozilla Firefox Esr 45.3.0
8.8
CVSSv3
CVE-2016-5263
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."...
Mozilla Firefox Esr 45.1.0Mozilla FirefoxMozilla Firefox Esr 45.2.0Mozilla Firefox Esr 45.3.0Mozilla Firefox Esr 45.1.1Oracle Linux 6Oracle Linux 5.0Oracle Linux 7
8.8
CVSSv3
CVE-2016-5258
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session....
Oracle Linux 6Oracle Linux 7Oracle Linux 5.0Mozilla Firefox Esr 45.3.0Mozilla Firefox Esr 45.1.1Mozilla Firefox Esr 45.2.0Mozilla Firefox Esr 45.1.0Mozilla Firefox
9.8
CVSSv3
CVE-2016-5254
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard...
Mozilla Firefox Esr 45.3.0Mozilla Firefox Esr 45.1.1Mozilla Firefox Esr 45.1.0Mozilla FirefoxMozilla Firefox Esr 45.2.0Oracle Linux 7Oracle Linux 6Oracle Linux 5.0
NA
CVE-2012-1966
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL....
Mozilla Firefox 4.0Mozilla Firefox 7.0Mozilla Firefox 8.0Mozilla Firefox 5.0Mozilla Firefox 5.0.1Mozilla Firefox 8.0.1Mozilla Firefox 9.0.1Mozilla Firefox 9.0Mozilla Firefox 4.0.1Mozilla Firefox 6.0Mozilla Firefox 6.0.2Mozilla Firefox 11.0Mozilla Firefox 12.0Mozilla Firefox 6.0.1Mozilla Firefox 7.0.1Mozilla Firefox 13.0Mozilla Firefox Esr 10.0.1Mozilla Firefox Esr 10.0.2Mozilla Firefox Esr 10.0.3Mozilla Firefox Esr 10.0.4Mozilla Firefox Esr 10.0Mozilla Firefox Esr 10.0.5
8.8
CVSSv3
CVE-2016-5259
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop....
Mozilla Firefox Esr 45.1.0Mozilla FirefoxMozilla Firefox Esr 45.2.0Mozilla Firefox Esr 45.3.0Mozilla Firefox Esr 45.1.1Oracle Linux 7Oracle Linux 5.0Oracle Linux 6
6.1
CVSSv3
CVE-2016-5262
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct...
Mozilla Firefox Esr 45.3.0Mozilla Firefox Esr 45.1.1Mozilla Firefox Esr 45.1.0Mozilla Firefox Esr 45.2.0Mozilla FirefoxOracle Linux 5.0Oracle Linux 6Oracle Linux 7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-26498open redirectCVE-2023-22261CVE-2023-1410path traversalCVE-2023-28759cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook