| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-2472 | 4.3 |
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, re
|
29-07-2021 - 13:46 | 22-07-2009 - 18:30 | |
| CVE-2009-2462 | 10.0 |
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synch
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2465 | 10.0 |
Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cp
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2464 | 10.0 |
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2463 | 10.0 |
Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a deni
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2466 | 10.0 |
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
| CVE-2009-2471 | 10.0 |
The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.
|
19-09-2017 - 01:29 | 22-07-2009 - 18:30 | |
| CVE-2009-2664 | 5.0 |
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted
|
19-09-2017 - 01:29 | 04-08-2009 - 16:30 | |
| CVE-2009-2469 | 10.0 |
Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or
|
19-09-2017 - 01:29 | 22-07-2009 - 18:30 | |
| CVE-2009-2467 | 10.0 |
Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash
|
19-09-2017 - 01:29 | 22-07-2009 - 18:30 |