Total
2868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6715 | 1 Mozilla | 1 Firefox | 2008-11-15 | 4.3 MEDIUM | N/A |
| Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case. | |||||
| CVE-2007-2176 | 1 Mozilla | 1 Firefox | 2008-11-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175. | |||||
| CVE-2008-4723 | 1 Mozilla | 1 Firefox | 2008-10-24 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 3.0.1 through 3.0.3 allow remote attackers to inject arbitrary web script or HTML via an ftp:// URL for an HTML document within a (1) JPG, (2) PDF, or (3) TXT file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4720 | 1 Mozilla | 1 Firefox | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack. | |||||
| CVE-2005-2602 | 1 Mozilla | 2 Firefox, Thunderbird | 2008-09-05 | 2.6 LOW | N/A |
| Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks. | |||||
| CVE-2005-1576 | 1 Mozilla | 1 Firefox | 2008-09-05 | 2.6 LOW | N/A |
| The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files. | |||||
| CVE-2005-1575 | 1 Mozilla | 1 Firefox | 2008-09-05 | 5.0 MEDIUM | N/A |
| The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160. | |||||
| CVE-2004-2225 | 1 Mozilla | 1 Firefox | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | |||||