Search Results (Refine Search)
- CPE Product Version: cpe:/a:mozilla:firefox:3.0.15
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-2664 |
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13. Published: August 04, 2009; 12:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-2663 |
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file. Published: August 04, 2009; 12:30:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-2470 |
Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply. Published: August 04, 2009; 12:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-2654 |
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page. Published: August 03, 2009; 10:30:00 AM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2009-2479 |
Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox. Published: July 16, 2009; 11:30:00 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |