Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-0689 | 6.8 |
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD
|
02-11-2018 - 10:29 | 01-07-2009 - 13:00 | |
CVE-2009-3376 | 9.3 |
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via
|
30-10-2018 - 16:25 | 29-10-2009 - 14:30 | |
CVE-2009-3274 | 4.4 |
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary dow
|
13-08-2018 - 21:47 | 21-09-2009 - 19:30 | |
CVE-2009-3375 | 4.3 |
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection fu
|
19-09-2017 - 01:29 | 29-10-2009 - 14:30 | |
CVE-2009-3385 | 7.1 |
The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content, which allows user-assisted remote attackers to obtain sensitive information via crafted content in an IFRAME element in an HTML e
|
19-09-2017 - 01:29 | 23-03-2010 - 00:53 | |
CVE-2009-3380 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code
|
19-09-2017 - 01:29 | 29-10-2009 - 14:30 | |
CVE-2009-3384 | 9.3 |
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing
|
19-09-2017 - 01:29 | 13-11-2009 - 15:30 | |
CVE-2009-1563 | 5.0 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 inste
|
19-12-2009 - 06:54 | 29-10-2009 - 14:30 |