National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:mozilla:firefox:2.0.0.12
There are 1,300 matching records.
Displaying matches 401 through 420.
Vuln ID Summary CVSS Severity
CVE-2016-5277

Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.

Published: September 22, 2016; 06:59:11 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-5276

Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.

Published: September 22, 2016; 06:59:10 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-5275

Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.

Published: September 22, 2016; 06:59:08 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-5274

Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.

Published: September 22, 2016; 06:59:07 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-5273

The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.

Published: September 22, 2016; 06:59:06 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-5272

The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.

Published: September 22, 2016; 06:59:05 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-5271

The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property.

Published: September 22, 2016; 06:59:04 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-5270

Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.

Published: September 22, 2016; 06:59:03 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-5257

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Published: September 22, 2016; 06:59:02 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-5256

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Published: September 22, 2016; 06:59:01 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-2827

The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.

Published: September 22, 2016; 06:59:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-5268

Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.

Published: August 04, 2016; 09:59:24 PM -04:00
V3: 4.3 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-5267

Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.

Published: August 04, 2016; 09:59:23 PM -04:00
V3: 5.3 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-5266

Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.

Published: August 04, 2016; 09:59:22 PM -04:00
V3: 8.1 HIGH
V2: 5.8 MEDIUM
CVE-2016-5265

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.

Published: August 04, 2016; 09:59:21 PM -04:00
V3: 5.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5264

Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.

Published: August 04, 2016; 09:59:20 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-5263

The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."

Published: August 04, 2016; 09:59:19 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-5262

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.

Published: August 04, 2016; 09:59:18 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-5261

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.

Published: August 04, 2016; 09:59:17 PM -04:00
V3: 8.8 HIGH
V2: 7.5 HIGH
CVE-2016-5260

Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.

Published: August 04, 2016; 09:59:16 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM