Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-0354 | 2.6 |
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors
|
13-02-2023 - 01:17 | 04-02-2009 - 19:30 | |
CVE-2009-0352 | 10.0 |
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbit
|
03-10-2018 - 21:58 | 04-02-2009 - 19:30 | |
CVE-2009-0353 | 10.0 |
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code
|
29-09-2017 - 01:33 | 04-02-2009 - 19:30 | |
CVE-2009-0358 | 3.3 |
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser
|
29-09-2017 - 01:33 | 04-02-2009 - 19:30 | |
CVE-2009-0355 | 5.4 |
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via
|
29-09-2017 - 01:33 | 04-02-2009 - 19:30 | |
CVE-2009-0357 | 5.0 |
Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XM
|
29-09-2017 - 01:33 | 04-02-2009 - 19:30 |