Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 3.6.7 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2010-2753
Integer overflow in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allows remote malicious users to execute arbitrary code via a large selection attribute in a XUL tree elemen...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird 3.1
Mozilla Thunderbird
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Software Development Kit 11
8.8
CVSSv3
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
NA
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 24.1.1
Mozilla Firefox 24.1
Mozilla Firefox 20.0
NA
CVE-2015-0820
Mozilla Firefox prior to 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote malicious users to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mech...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 25.0
Mozilla Firefox 24.1.1
NA
CVE-2015-0821
Mozilla Firefox prior to 36.0 allows user-assisted remote malicious users to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.10
Mozilla Firefox 27.0
Mozilla Firefox 26.0
Mozilla Firefox 23.0
Mozilla Firefox 22.0
NA
CVE-2015-0822
The Form Autocompletion feature in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to read arbitrary files via crafted JavaScript code.
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.17
NA
CVE-2015-0823
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox prior to 36.0, might allow remote malicious users to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, rela...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Opentype Sanitiser Project Opentype Sanitiser
Mozilla Firefox
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.12
Mozilla Firefox 3.5.11
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.14
NA
CVE-2015-0824
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox prior to 36.0 allows remote malicious users to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo l...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
NA
CVE-2015-0825
Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox prior to 36.0 allows remote malicious users to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during pl...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.14
NA
CVE-2015-0826
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox prior to 36.0 allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a...
Mozilla Firefox 34.0.5
Mozilla Firefox 33.0
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.15
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.8
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.1
Mozilla Firefox
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.17
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »