| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-29948 |
362 |
|
|
2021-06-24 |
2021-06-30 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10. |
|
2 |
CVE-2020-12402 |
203 |
|
|
2020-07-09 |
2022-01-04 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78. |
|
3 |
CVE-2020-12401 |
203 |
|
|
2020-10-08 |
2023-02-20 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80. |
|
4 |
CVE-2020-12400 |
203 |
|
|
2020-10-08 |
2023-02-20 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80. |
|
5 |
CVE-2020-12399 |
203 |
|
|
2020-07-09 |
2022-01-04 |
1.2 |
None |
Local |
High |
Not required |
Partial |
None |
None |
|
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. |
|
6 |
CVE-2020-6824 |
384 |
|
|
2020-04-24 |
2020-05-01 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75. |
|
7 |
CVE-2017-5427 |
362 |
|
|
2018-06-11 |
2018-08-07 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox < 52. |
|
8 |
CVE-2015-5960 |
284 |
|
Bypass |
2015-08-08 |
2015-08-21 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass Storage (UMS) media volumes by using the USB interface for a mount operation. |
|
9 |
CVE-2014-1496 |
269 |
|
+Priv |
2014-03-19 |
2020-08-05 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. |
|
10 |
CVE-2010-2470 |
264 |
|
|
2010-06-28 |
2010-06-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180. |
|
11 |
CVE-2010-0180 |
264 |
|
|
2010-06-28 |
2010-06-28 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field. |
|
12 |
CVE-2004-2657 |
|
|
|
2004-12-31 |
2018-10-19 |
1.7 |
None |
Local |
Low |
??? |
Partial |
None |
None |
|
** DISPUTED ** Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner decision." |
