Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mozilla firefox esr 31.1.0 vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv2
CVE-2014-1576
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes...
Mozilla Thunderbird 31.0Mozilla Thunderbird 31.1.0Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla Firefox
7.5
CVSSv2
CVE-2014-1578
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid...
Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla FirefoxMozilla Thunderbird 31.0Mozilla Thunderbird 31.1.0
7.5
CVSSv2
CVE-2014-1581
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between...
Mozilla Thunderbird 31.0Mozilla Thunderbird 31.1.0Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla Firefox
7.5
CVSSv2
CVE-2014-1574
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary...
Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla FirefoxMozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Thunderbird 31.0Mozilla Thunderbird 31.1.0
5
CVSSv2
CVE-2014-1586
content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in...
Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla FirefoxMozilla Thunderbird 31.0Mozilla Thunderbird 31.1.0Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0
5
CVSSv2
CVE-2014-1585
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain...
Mozilla Thunderbird 31.0Mozilla Thunderbird 31.1.0Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla Firefox
6.4
CVSSv2
CVE-2014-1577
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial...
Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Thunderbird 31.0Mozilla Thunderbird 31.1.0Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla Firefox
5
CVSSv2
CVE-2014-1583
The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm....
Mozilla Firefox 30.0Mozilla Firefox 31.0Mozilla Firefox 31.1.0Mozilla FirefoxMozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0
7.5
CVSSv2
CVE-2014-8641
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data....
Mozilla SeamonkeyMozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Firefox Esr 31.1.1Mozilla Firefox Esr 31.2Mozilla Firefox Esr 31.3.0Mozilla Firefox
6.8
CVSSv2
CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct...
Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1.0Mozilla Firefox Esr 31.1.1Mozilla Firefox Esr 31.2Mozilla Firefox Esr 31.3.0Mozilla ThunderbirdMozilla FirefoxMozilla Seamonkey
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelesstoodeequinn projecttype confusionCVE-2021-26857scratchpadCVE-2020-29020man-in-the-middleibmCVE-2021-26971CVE-2021-28032CVE-2021-21725CVE-2021-26855