Search Results (Refine Search)
- CPE Product Version: cpe:/a:mozilla:firefox_esr:31.4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-0833 |
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll. Published: February 25, 2015; 6:59:13 AM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2015-0831 |
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation. Published: February 25, 2015; 6:59:11 AM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-0827 |
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic. Published: February 25, 2015; 6:59:08 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-0822 |
The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code. Published: February 25, 2015; 6:59:03 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-3079 |
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors. Published: May 01, 2012; 6:12:04 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |