| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-2472 | 4.3 |
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, re
|
29-07-2021 - 13:46 | 22-07-2009 - 18:30 | |
| CVE-2009-2462 | 10.0 |
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synch
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-1835 | 4.3 |
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML docu
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
| CVE-2009-1832 | 9.3 |
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double fra
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
| CVE-2009-2465 | 10.0 |
Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cp
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2464 | 10.0 |
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2463 | 10.0 |
Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a deni
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2466 | 10.0 |
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-1833 | 9.3 |
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vec
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
| CVE-2009-1392 | 9.3 |
The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vect
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
| CVE-2009-2469 | 10.0 |
Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or
|
19-09-2017 - 01:29 | 22-07-2009 - 18:30 |