Mozilla : Security Vulnerabilities, CVEs, Published In December 2011 (Denial of service)
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling.
Max CVSS
7.5
EPSS Score
5.07%
Published
2011-12-21
Updated
2017-09-19
Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site.
Max CVSS
6.8
EPSS Score
1.81%
Published
2011-12-21
Updated
2017-09-19
YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
Max CVSS
7.5
EPSS Score
17.43%
Published
2011-12-21
Updated
2017-09-19
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.
Max CVSS
10.0
EPSS Score
21.24%
Published
2011-12-21
Updated
2017-09-19
CVE-2011-3658
Public exploit
The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
Max CVSS
7.5
EPSS Score
95.52%
Published
2011-12-21
Updated
2017-12-29
5 vulnerabilities found