Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 4.0 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2010-3171
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 up to and including 3.5.11, 3.6.4 up to and including 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote malicious u...
Mozilla Firefox 3.6.4
Mozilla Firefox 4.0
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.11
Mozilla Firefox 3.6.8
Mozilla Firefox 3.5.10
1 EDB exploit
5.8
CVSSv2
CVE-2010-3399
The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 up to and including 3.5.11, 3.6.4 up to and including 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes ...
Mozilla Firefox 4.0
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.11
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.4
4.3
CVSSv2
CVE-2011-0082
The X.509 certificate validation functionality in Mozilla Firefox 4.0.x up to and including 4.0.1 does not properly implement single-session security exceptions, which might make it easier for user-assisted remote malicious users to spoof an SSL server via an untrusted certificat...
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
4.3
CVSSv2
CVE-2011-2598
The WebGL implementation in Mozilla Firefox 4.x allows remote malicious users to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
6.4
CVSSv2
CVE-2011-2367
The WebGL implementation in Mozilla Firefox 4.x up to and including 4.0.1 does not properly restrict read operations, which allows remote malicious users to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (applicatio...
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
10
CVSSv2
CVE-2011-2368
The WebGL implementation in Mozilla Firefox 4.x up to and including 4.0.1 does not properly restrict write operations, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
4.3
CVSSv2
CVE-2011-2369
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x up to and including 4.0.1 allows remote malicious users to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
9.3
CVSSv2
CVE-2011-3655
Mozilla Firefox 4.x up to and including 7.0 and Thunderbird 5.0 up to and including 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote malicious users to gain privileges via a crafted web site.
Mozilla Firefox 4.0.1
Mozilla Firefox 4.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0
Mozilla Thunderbird 5.0
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 7.0
10
CVSSv2
CVE-2010-4508
The WebSockets implementation in Mozilla Firefox 4 up to and including 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.
Mozilla Firefox 4.0
10
CVSSv2
CVE-2011-0079
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x prior to 4.0.1 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/Readback...
Mozilla Firefox 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »