National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product: cpe:/a:mozilla:firefox
There are 2,012 matching records.
Displaying matches 1941 through 1960.
Vuln ID Summary CVSS Severity
CVE-2005-2269

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing").

Published: July 13, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2005-2270

Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.

Published: July 13, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2005-2114

Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function.

Published: July 05, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-1937

A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.

Published: June 14, 2005; 12:00:00 AM -04:00
    V2: 2.6 LOW
CVE-2005-0150

Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attackers to execute arbitrary code.

Published: May 26, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-1575

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.

Published: May 14, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-1531

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."

Published: May 12, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2005-1532

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.

Published: May 12, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2005-1576

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.

Published: May 12, 2005; 12:00:00 AM -04:00
    V2: 2.6 LOW
CVE-2005-1476

Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution when combined with CVE-2005-1477.

Published: May 09, 2005; 12:00:00 AM -04:00
    V2: 5.1 MEDIUM
CVE-2005-1477

The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site.

Published: May 09, 2005; 12:00:00 AM -04:00
    V2: 5.1 MEDIUM
CVE-2005-0141

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 2.6 LOW
CVE-2005-0142

Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2005-0144

Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 2.6 LOW
CVE-2005-0146

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-0147

Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2005-0230

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser, aka "firedragging."

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 5.1 MEDIUM
CVE-2005-0232

Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing."

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 2.6 LOW
CVE-2005-0238

The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2005-0255

String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.

Published: May 02, 2005; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM