Vulnerabilities > Mozilla > Firefox > 16.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-23 | CVE-2019-11708 | Improper Input Validation vulnerability in Mozilla Firefox ESR Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. | 10.0 |
2019-07-23 | CVE-2019-11707 | Type Confusion vulnerability in Mozilla Thunderbird A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. | 8.8 |
2019-07-23 | CVE-2019-11702 | Missing Authorization vulnerability in Mozilla Firefox A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. | 4.3 |
2019-07-23 | CVE-2019-11700 | Missing Authorization vulnerability in Mozilla Firefox A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. | 4.3 |
2019-07-23 | CVE-2019-11699 | Unspecified vulnerability in Mozilla Firefox A malicious page can briefly cause the wrong name to be highlighted as the domain name in the addressbar during page navigations. network mozilla | 4.3 |
2019-07-23 | CVE-2019-11695 | Unspecified vulnerability in Mozilla Firefox A custom cursor defined by scripting on a site can position itself over the addressbar to spoof the actual cursor when it should not be allowed outside of the primary web content area. network mozilla | 4.3 |
2019-07-23 | CVE-2019-11694 | Use of Uninitialized Resource vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. | 5.0 |
2019-07-23 | CVE-2019-11693 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. | 7.5 |
2019-04-26 | CVE-2019-9813 | Type Confusion vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. | 6.8 |
2019-04-26 | CVE-2019-9810 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. | 6.8 |