After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72.
Max CVSS
6.5
EPSS Score
0.31%
Published
2020-01-08
Updated
2023-01-27
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.
Max CVSS
9.8
EPSS Score
0.28%
Published
2019-09-27
Updated
2020-08-24
An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
Max CVSS
10.0
EPSS Score
1.02%
Published
2019-02-05
Updated
2019-10-03
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
Max CVSS
8.8
EPSS Score
1.63%
Published
2018-06-11
Updated
2018-08-09
Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized.
Max CVSS
8.8
EPSS Score
0.89%
Published
2016-09-22
Updated
2017-07-30
The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.
Max CVSS
8.8
EPSS Score
0.98%
Published
2016-09-22
Updated
2017-07-30
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.
Max CVSS
8.8
EPSS Score
1.44%
Published
2016-06-13
Updated
2018-10-30
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.
Max CVSS
6.5
EPSS Score
0.36%
Published
2016-06-13
Updated
2018-10-30
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
Max CVSS
6.5
EPSS Score
0.48%
Published
2016-06-13
Updated
2018-10-30
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.
Max CVSS
6.5
EPSS Score
0.94%
Published
2016-06-13
Updated
2018-10-30
Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.
Max CVSS
6.5
EPSS Score
0.62%
Published
2016-04-30
Updated
2017-07-01
The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
Max CVSS
6.8
EPSS Score
1.09%
Published
2015-10-18
Updated
2016-12-24
Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.
Max CVSS
6.8
EPSS Score
0.64%
Published
2014-12-11
Updated
2016-12-22
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code.
Max CVSS
5.0
EPSS Score
0.32%
Published
2013-01-13
Updated
2020-08-04
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers to create user accounts by leveraging a token contained in an e-mail message.
Max CVSS
6.8
EPSS Score
0.64%
Published
2012-01-02
Updated
2017-08-29
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."
Max CVSS
6.8
EPSS Score
0.17%
Published
2009-06-15
Updated
2017-08-17
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
Max CVSS
6.8
EPSS Score
1.12%
Published
2009-06-12
Updated
2018-10-30
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.
Max CVSS
7.5
EPSS Score
0.66%
Published
2008-11-13
Updated
2018-11-02
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
Max CVSS
7.5
EPSS Score
20.23%
Published
2008-07-07
Updated
2018-10-11
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms.
Max CVSS
5.0
EPSS Score
0.92%
Published
2008-03-27
Updated
2023-02-13
20 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!