Vulnerabilities > Mozilla > Firefox > 2.0.0.5

DATE CVE VULNERABILITY TITLE RISK
2009-12-17 CVE-2009-3983 Multiple vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
network
mozilla
6.8
2009-12-17 CVE-2009-3981 Remote Memory Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
network
mozilla
critical
9.3
2009-12-17 CVE-2009-3979 Remote Memory Corruption vulnerability in Mozilla Firefox
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
network
mozilla
critical
9.3
2009-11-19 CVE-2009-3978 Unspecified vulnerability in Mozilla Firefox
The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a different vulnerability than CVE-2009-3373.
network
mozilla
4.3
2009-09-18 CVE-2008-7244 Resource Management Errors vulnerability in Mozilla Firefox
Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
network
low complexity
mozilla CWE-399
5.0
2009-09-10 CVE-2009-3079 Code Injection vulnerability in Mozilla Firefox
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
network
low complexity
mozilla CWE-94
critical
10.0
2009-09-10 CVE-2009-3078 Improper Input Validation vulnerability in Mozilla Firefox
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.
network
low complexity
mozilla CWE-20
5.0
2009-09-10 CVE-2009-3077 Code Injection vulnerability in Mozilla Firefox
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."
network
mozilla CWE-94
critical
9.3
2009-09-10 CVE-2009-3076 Unspecified vulnerability in Mozilla Firefox
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.
network
mozilla
critical
9.3
2009-09-10 CVE-2009-3075 Unspecified vulnerability in Mozilla Firefox
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.
network
low complexity
mozilla
critical
10.0