CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mozilla » Firefox : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-7222 189 DoS Exec Code Overflow 2015-12-16 2016-01-11
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.
2 CVE-2015-7216 20 DoS 2015-12-16 2016-01-11
6.8
None Remote Medium Not required Partial Partial Partial
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.
3 CVE-2015-7213 189 Exec Code Overflow 2015-12-16 2016-01-11
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
4 CVE-2015-7204 17 Exec Code 2015-12-16 2016-01-11
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
5 CVE-2015-7196 17 DoS Exec Code 2015-11-05 2015-11-05
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.
6 CVE-2015-7189 119 DoS Exec Code Overflow 2015-11-05 2015-11-05
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.
7 CVE-2015-4520 254 Bypass 2015-09-24 2015-09-24
6.4
None Remote Low Not required Partial Partial None
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.
8 CVE-2015-4512 119 DoS Overflow +Info 2015-09-24 2015-09-24
6.4
None Remote Low Not required Partial None Partial
gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.
9 CVE-2015-4511 119 Exec Code Overflow 2015-09-24 2015-09-24
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.
10 CVE-2015-4510 362 DoS Exec Code 2015-09-24 2015-09-24
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.
11 CVE-2015-4506 119 Exec Code Overflow 2015-09-24 2015-09-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.
12 CVE-2015-4505 264 2015-09-24 2015-09-24
6.6
None Local Low Not required None Complete Complete
updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.
13 CVE-2015-4504 119 DoS Overflow +Info 2015-09-24 2015-09-24
6.4
None Remote Low Not required Partial None Partial
The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.
14 CVE-2015-2727 20 Exec Code 2015-07-05 2015-07-08
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.
15 CVE-2015-2717 189 DoS Exec Code Overflow 2015-05-14 2015-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.
16 CVE-2015-2715 362 DoS Exec Code Mem. Corr. 2015-05-14 2015-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.
17 CVE-2015-2713 DoS Exec Code Mem. Corr. 2015-05-14 2015-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
18 CVE-2015-2710 119 Exec Code Overflow 2015-05-14 2015-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
19 CVE-2015-2706 362 DoS Exec Code 2015-04-27 2015-05-11
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
20 CVE-2015-0833 +Priv 2015-02-25 2015-03-26
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.
21 CVE-2015-0831 DoS Exec Code Mem. Corr. 2015-02-25 2015-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
22 CVE-2015-0829 119 Exec Code Overflow 2015-02-25 2015-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
23 CVE-2015-0828 DoS Exec Code Mem. Corr. 2015-02-25 2015-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.
24 CVE-2015-0826 119 DoS Exec Code Overflow 2015-02-25 2015-03-26
6.8
None Remote Medium Not required Partial Partial Partial
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
25 CVE-2015-0821 264 Exec Code 2015-02-25 2015-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
26 CVE-2015-0817 17 Exec Code 2015-03-23 2015-04-02
6.8
None Remote Medium Not required Partial Partial Partial
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.
27 CVE-2015-0811 119 DoS Overflow +Info 2015-04-01 2015-06-03
6.4
None Remote Low Not required Partial None Partial
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.
28 CVE-2015-0807 352 Bypass CSRF 2015-04-01 2015-06-03
6.8
None Remote Medium Not required Partial Partial Partial
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.
29 CVE-2015-0797 119 DoS Exec Code Overflow 2015-05-14 2015-06-03
6.8
None Remote Medium Not required Partial Partial Partial
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.
30 CVE-2014-8639 2015-01-14 2015-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.
31 CVE-2014-8638 352 Bypass CSRF 2015-01-14 2015-03-17
6.8
None Remote Medium Not required Partial Partial Partial
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
32 CVE-2014-1594 20 Exec Code 2014-12-11 2015-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.
33 CVE-2014-1593 119 Exec Code Overflow 2014-12-11 2015-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
34 CVE-2014-1592 Exec Code 2014-12-11 2015-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.
35 CVE-2014-1589 284 Bypass 2014-12-11 2014-12-11
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.
36 CVE-2014-1588 DoS Exec Code Mem. Corr. 2014-12-11 2014-12-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
37 CVE-2014-1587 20 DoS Exec Code Mem. Corr. 2014-12-11 2015-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
38 CVE-2014-1577 DoS Mem. Corr. +Info 2014-10-15 2015-03-17
6.4
None Remote Low Not required Partial None Partial
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.
39 CVE-2014-1542 119 Exec Code Overflow 2014-06-11 2014-07-24
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.
40 CVE-2014-1520 264 +Priv 2014-04-30 2015-08-07
6.9
None Local Medium Not required Complete Complete Complete
maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process.
41 CVE-2014-1508 119 DoS Overflow Bypass +Info 2014-03-19 2014-07-18
6.8
None Remote Medium Not required Partial Partial Partial
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
42 CVE-2014-1506 22 DoS Dir. Trav. 2014-03-19 2015-11-02
6.4
None Remote Low Not required Partial None Partial
Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments.
43 CVE-2014-1505 264 Bypass +Info 2014-03-19 2014-07-18
6.8
None Remote Medium Not required Partial Partial Partial
The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.
44 CVE-2014-1502 264 Bypass 2014-03-19 2014-05-23
6.8
None Remote Medium Not required Partial Partial Partial
The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
45 CVE-2014-1497 119 DoS Overflow +Info 2014-03-19 2014-07-18
6.8
None Remote Medium Not required Partial Partial Partial
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
46 CVE-2014-1496 264 +Priv 2014-03-19 2014-04-01
6.9
None Local Medium Not required Complete Complete Complete
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
47 CVE-2013-6167 352 CSRF 2014-02-15 2014-02-18
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
48 CVE-2013-5619 189 DoS Overflow 2013-12-11 2015-08-26
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
49 CVE-2013-5596 119 DoS Exec Code Overflow 2013-10-30 2014-01-27
6.8
None Remote Medium Not required Partial Partial Partial
The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.
50 CVE-2013-1731 20 Exec Code 2013-09-18 2013-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.
Total number of vulnerabilities : 135   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.