CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mozilla : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-11755 20 2019-09-27 2019-10-04
5.0
None Remote Low Not required None Partial None
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1.
2 CVE-2019-11737 345 2019-09-27 2019-10-02
5.0
None Remote Low Not required None Partial None
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
3 CVE-2019-11733 200 +Info 2019-09-27 2019-10-05
5.0
None Remote Low Not required Partial None None
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.
4 CVE-2019-11729 20 2019-07-23 2019-07-29
5.0
None Remote Low Not required None None Partial
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
5 CVE-2019-11727 295 2019-07-23 2019-07-30
5.0
None Remote Low Not required None Partial None
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
6 CVE-2019-11724 264 2019-07-23 2019-08-15
5.8
None Remote Medium Not required Partial Partial None
Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox < 68.
7 CVE-2019-11723 200 +Info 2019-07-23 2019-08-15
5.0
None Remote Low Not required Partial None None
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68.
8 CVE-2019-11719 125 2019-07-23 2019-07-29
5.0
None Remote Low Not required Partial None None
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
9 CVE-2019-11718 200 +Info 2019-07-23 2019-08-15
5.0
None Remote Low Not required Partial None None
Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.
10 CVE-2019-11717 20 2019-07-23 2019-07-29
5.0
None Remote Low Not required None Partial None
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
11 CVE-2019-11706 704 2019-07-23 2019-08-16
5.0
None Remote Low Not required None None Partial
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.
12 CVE-2019-11698 20 2019-07-23 2019-07-28
5.0
None Remote Low Not required Partial None None
If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
13 CVE-2019-11694 200 +Info 2019-07-23 2019-07-26
5.0
None Remote Low Not required Partial None None
A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
14 CVE-2019-9817 346 2019-07-23 2019-07-26
5.0
None Remote Low Not required Partial None None
Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
15 CVE-2019-9811 264 2019-07-23 2019-07-29
5.1
None Remote High Not required Partial Partial Partial
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
16 CVE-2019-9809 399 DoS 2019-04-26 2019-04-29
5.0
None Remote Low Not required None None Partial
If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service (DOS) attack. This vulnerability affects Firefox < 66.
17 CVE-2019-9808 346 2019-04-26 2019-04-29
5.0
None Remote Low Not required None Partial None
If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 66.
18 CVE-2019-9806 399 DoS 2019-04-26 2019-04-29
5.0
None Remote Low Not required None None Partial
A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefox < 66.
19 CVE-2019-9803 346 2019-04-26 2019-04-30
5.8
None Remote Medium Not required Partial Partial None
The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox < 66.
20 CVE-2019-9802 200 Bypass +Info 2019-04-26 2019-04-30
5.0
None Remote Low Not required Partial None None
If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66.
21 CVE-2019-9801 20 2019-04-26 2019-04-29
5.0
None Remote Low Not required None Partial None
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
22 CVE-2019-9799 119 Overflow 2019-04-26 2019-04-29
5.0
None Remote Low Not required Partial None None
Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox < 66.
23 CVE-2019-9798 254 Exec Code 2019-04-26 2019-04-29
5.8
None Remote Medium Not required Partial Partial None
On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.
24 CVE-2019-9797 346 2019-04-26 2019-06-10
5.0
None Remote Low Not required Partial None None
Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.
25 CVE-2018-18513 20 2019-04-26 2019-04-29
5.0
None Remote Low Not required None None Partial
A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.
26 CVE-2018-18509 347 2019-04-26 2019-06-03
5.0
None Remote Low Not required None Partial None
A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content. This vulnerability affects Thunderbird < 60.5.1.
27 CVE-2018-12395 Bypass 2019-02-28 2019-10-02
5.0
None Remote Low Not required Partial None None
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
28 CVE-2018-12386 704 Exec Code 2018-10-18 2018-12-06
5.8
None Remote Medium Not required Partial Partial None
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
29 CVE-2018-12382 20 2018-10-18 2018-12-06
5.0
None Remote Low Not required None Partial None
The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion. *This vulnerability only affects Firefox for Android < 62.*
30 CVE-2018-12381 610 2018-10-18 2019-10-02
5.0
None Remote Low Not required None Partial None
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62.
31 CVE-2018-10229 200 +Info 2018-05-04 2019-10-02
5.8
None Remote Medium Not required Partial Partial None
A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
32 CVE-2018-5184 326 2018-06-11 2018-11-25
5.0
None Remote Low Not required Partial None None
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
33 CVE-2018-5182 200 +Info 2018-06-11 2018-08-03
5.0
None Remote Low Not required Partial None None
If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulnerability affects Firefox < 60.
34 CVE-2018-5181 200 +Info 2018-06-11 2018-08-03
5.0
None Remote Low Not required Partial None None
If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with the "noopener" keyword. This vulnerability affects Firefox < 60.
35 CVE-2018-5180 416 2018-06-11 2018-08-03
5.0
None Remote Low Not required None None Partial
A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox < 60.
36 CVE-2018-5179 772 2019-04-26 2019-10-02
5.0
None Remote Low Not required Partial None None
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.
37 CVE-2018-5177 119 Overflow 2018-06-11 2018-08-03
5.0
None Remote Low Not required None None Partial
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
38 CVE-2018-5174 2018-06-11 2019-10-02
5.0
None Remote Low Not required None Partial None
In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won't prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
39 CVE-2018-5173 20 2018-06-11 2018-08-03
5.0
None Remote Low Not required None Partial None
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.
40 CVE-2018-5168 275 Bypass 2018-06-11 2018-11-25
5.0
None Remote Low Not required None Partial None
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
41 CVE-2018-5166 269 Bypass 2018-06-11 2019-10-02
5.0
None Remote Low Not required Partial None None
WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60.
42 CVE-2018-5163 281 Exec Code +Priv 2018-06-11 2019-10-02
5.1
None Remote High Not required Partial Partial Partial
If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60.
43 CVE-2018-5162 311 2018-06-11 2019-10-02
5.0
None Remote Low Not required Partial None None
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
44 CVE-2018-5160 119 Overflow 2018-06-11 2018-08-03
5.0
None Remote Low Not required None None Partial
WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60.
45 CVE-2018-5157 346 Bypass 2018-06-11 2018-10-20
5.0
None Remote Low Not required Partial None None
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
46 CVE-2018-5153 125 2018-06-11 2018-08-14
5.0
None Remote Low Not required Partial None None
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
47 CVE-2018-5142 2018-06-11 2019-10-02
5.0
None Remote Low Not required None Partial None
If Media Capture and Streams API permission is requested from documents with "data:" or "blob:" URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown protocol" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 59.
48 CVE-2018-5140 200 +Info 2018-06-11 2018-08-02
5.0
None Remote Low Not required Partial None None
Image for moz-icons can be accessed through the "moz-icon:" protocol through script in web content even when otherwise prohibited. This could allow for information leakage of which applications are associated with specific MIME types by a malicious page. This vulnerability affects Firefox < 59.
49 CVE-2018-5138 20 2018-06-11 2018-08-08
5.0
None Remote Low Not required None Partial None
A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. Note: this issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 59.
50 CVE-2018-5137 200 +Info 2018-06-11 2018-08-10
5.0
None Remote Low Not required Partial None None
A legacy extension's non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. This script does this by using a maliciously crafted path string to reference the resources. Note: this vulnerability does not affect WebExtensions. This vulnerability affects Firefox < 59.
Total number of vulnerabilities : 452   Page : 1 (This Page)2 3 4 5 6 7 8 9 10
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.