Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 3.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-1232
Mozilla Firefox 3.0.8 and previous versions 3.0.x versions allows remote malicious users to cause a denial of service (memory corruption) via an XML document composed of a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 3.0.10 and previo...
Mozilla Firefox 3.0
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
1 EDB exploit
5.4
CVSSv2
CVE-2009-1839
Mozilla Firefox 3 prior to 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote malicious users to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-...
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.2
Mozilla Firefox
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.9
Mozilla Firefox 3.1
Mozilla Firefox 3.0beta5
1 EDB exploit
9.3
CVSSv2
CVE-2009-1840
Mozilla Firefox prior to 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote malicious users to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug&quo...
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.2
Mozilla Firefox
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0
Mozilla Firefox 3.0beta5
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.9
Mozilla Firefox 3.1
Mozilla Firefox 3.0.5
Mozilla Thunderbird
Mozilla Seamonkey
5.4
CVSSv2
CVE-2009-0355
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox prior to 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote malicious users to read arbitrary files on a client machine via a crafted IN...
Mozilla Firefox 2.0
Mozilla Firefox 3.0.1
Mozilla Firefox 0.9.3
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.5
Mozilla Firefox 2.0.0.9
Mozilla Firefox 1.0.8
Mozilla Firefox 2.0 .1
Mozilla Firefox 2.0 8
Mozilla Firefox 2.0.0.10
Mozilla Firefox 0.6.1
Mozilla Firefox 0.7
Mozilla Firefox 0.2
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.7
Mozilla Firefox 2.0.0.18
Mozilla Firefox 0.9 Rc
Mozilla Firefox 2.0.0.3
7.5
CVSSv2
CVE-2009-3374
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x prior to 3.0.15 and 3.5.x prior to 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows rem...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
4.3
CVSSv2
CVE-2009-3012
Mozilla Firefox 3.0.13 and previous versions, 3.5, 3.6 a1 pre, and 3.7 a1 pre does not properly block data: URIs in Location headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Locatio...
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.9
Mozilla Firefox 3.5
Mozilla Firefox 3.7
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.5
Mozilla Firefox
Mozilla Firefox 3.6
5
CVSSv2
CVE-2009-0357
Mozilla Firefox prior to 3.0.6 and SeaMonkey prior to 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote malicious users to obtain sensitive information from cookies via XMLHttpRequest calls, ...
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.3
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.4
Mozilla Seamonkey 1.1.5
Mozilla Seamonkey
Mozilla Firefox
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.5
Mozilla Firefox 2.0
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.1
6.8
CVSSv2
CVE-2007-4041
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote malicious users to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-...
Microsoft Internet Explorer 7
Mozilla Firefox 2.0.0.5
Mozilla Firefox 3.0
5
CVSSv2
CVE-2009-3370
Mozilla Firefox prior to 3.0.15, and 3.5.x prior to 3.5.4, allows remote malicious users to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.14
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
4.3
CVSSv2
CVE-2009-3375
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x prior to 3.0.15 and 3.5.x prior to 3.5.4 allows user-assisted remote malicious users to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »