CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mozilla » Firefox : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2016-2797 119 DoS Overflow 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.
152 CVE-2016-2796 119 DoS Overflow 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
153 CVE-2016-2795 19 DoS 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
154 CVE-2016-2793 119 DoS Overflow 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
155 CVE-2016-2792 119 DoS Overflow 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.
156 CVE-2016-2791 119 DoS Overflow 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
157 CVE-2016-2790 19 DoS 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
158 CVE-2016-1977 119 DoS Exec Code Overflow Mem. Corr. 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.
159 CVE-2016-1975 362 DoS Mem. Corr. 2016-03-13 2016-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
160 CVE-2016-1974 119 DoS Exec Code Overflow 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.
161 CVE-2016-1973 DoS Exec Code 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.
162 CVE-2016-1969 119 DoS Overflow 2016-03-13 2016-12-03
6.8
None Remote Medium Not required Partial Partial Partial
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font.
163 CVE-2016-1968 189 DoS Exec Code Overflow 2016-03-13 2016-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.
164 CVE-2016-1966 DoS Exec Code Mem. Corr. 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.
165 CVE-2016-1964 DoS Exec Code Mem. Corr. 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.
166 CVE-2016-1961 Exec Code 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.
167 CVE-2016-1960 DoS Exec Code 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.
168 CVE-2016-1959 119 DoS Exec Code Overflow Mem. Corr. 2016-03-13 2016-12-03
6.8
None Remote Medium Not required Partial Partial Partial
The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.
169 CVE-2016-1954 264 DoS +Priv 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
170 CVE-2016-1953 119 DoS Exec Code Overflow Mem. Corr. 2016-03-13 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.
171 CVE-2016-1952 119 DoS Exec Code Overflow Mem. Corr. 2016-03-13 2019-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
172 CVE-2016-1949 264 Bypass 2016-02-13 2016-12-06
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.
173 CVE-2016-1521 119 DoS Exec Code Overflow +Info 2016-02-13 2017-07-01
6.8
None Remote Medium Not required Partial Partial Partial
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
174 CVE-2015-8960 310 2016-09-21 2018-06-28
6.8
None Remote Medium Not required Partial Partial Partial
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
175 CVE-2015-7222 189 DoS Exec Code Overflow 2015-12-16 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.
176 CVE-2015-7213 189 Exec Code Overflow 2015-12-16 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
177 CVE-2015-7204 17 Exec Code 2015-12-16 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
178 CVE-2015-7196 17 DoS Exec Code 2015-11-05 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.
179 CVE-2015-7189 119 DoS Exec Code Overflow 2015-11-05 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.
180 CVE-2015-7184 284 Bypass 2015-10-18 2016-12-24
6.8
None Remote Medium Not required Partial Partial Partial
The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
181 CVE-2015-4520 254 Bypass 2015-09-24 2016-12-22
6.4
None Remote Low Not required Partial Partial None
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.
182 CVE-2015-4511 119 Exec Code Overflow 2015-09-24 2016-12-22
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.
183 CVE-2015-4510 362 DoS Exec Code 2015-09-24 2016-12-22
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.
184 CVE-2015-4506 119 Exec Code Overflow 2015-09-24 2016-12-22
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.
185 CVE-2015-4504 119 DoS Overflow +Info 2015-09-24 2016-12-22
6.4
None Remote Low Not required Partial None Partial
The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.
186 CVE-2015-2727 20 Exec Code 2015-07-06 2016-12-28
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.
187 CVE-2015-2717 189 DoS Exec Code Overflow 2015-05-14 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.
188 CVE-2015-2715 362 DoS Exec Code Mem. Corr. 2015-05-14 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.
189 CVE-2015-2713 DoS Exec Code Mem. Corr. 2015-05-14 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
190 CVE-2015-2710 119 Exec Code Overflow 2015-05-14 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
191 CVE-2015-2706 362 DoS Exec Code 2015-04-27 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
192 CVE-2015-0831 DoS Exec Code Mem. Corr. 2015-02-25 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
193 CVE-2015-0829 119 Exec Code Overflow 2015-02-25 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
194 CVE-2015-0828 DoS Exec Code Mem. Corr. 2015-02-25 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.
195 CVE-2015-0826 119 DoS Exec Code Overflow 2015-02-25 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
196 CVE-2015-0821 264 Exec Code 2015-02-25 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
197 CVE-2015-0817 17 Exec Code 2015-03-24 2017-01-03
6.8
None Remote Medium Not required Partial Partial Partial
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.
198 CVE-2015-0811 119 DoS Overflow +Info 2015-04-01 2018-10-30
6.4
None Remote Low Not required Partial None Partial
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.
199 CVE-2015-0807 352 Bypass CSRF 2015-04-01 2017-01-03
6.8
None Remote Medium Not required Partial Partial Partial
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.
200 CVE-2014-8639 2015-01-14 2017-09-08
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.
Total number of vulnerabilities : 285   Page : 1 2 3 4 (This Page)5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.