Vulnerabilities > Mozilla > Firefox > 3.0.5

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-5452 Improper Input Validation vulnerability in Mozilla Firefox
Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected.
network
mozilla CWE-20
4.3
2018-06-11 CVE-2017-5451 Improper Input Validation vulnerability in multiple products
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event.
4.3
2018-06-11 CVE-2017-5450 Improper Input Validation vulnerability in Mozilla Firefox
A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI.
network
low complexity
mozilla CWE-20
5.0
2018-06-11 CVE-2017-5449 Improper Input Validation vulnerability in multiple products
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations.
network
low complexity
redhat mozilla CWE-20
5.0
2018-06-11 CVE-2017-5448 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content.
network
low complexity
debian redhat mozilla CWE-787
8.6
2018-06-11 CVE-2017-5447 Use After Free vulnerability in multiple products
An out-of-bounds read during the processing of glyph widths during text layout.
network
low complexity
debian redhat mozilla CWE-416
critical
9.1
2018-06-11 CVE-2017-5446 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content.
network
low complexity
debian redhat mozilla CWE-125
critical
9.8
2018-06-11 CVE-2017-5445 Improper Validation of Array Index vulnerability in multiple products
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array.
network
low complexity
debian redhat mozilla CWE-129
7.5
2018-06-11 CVE-2017-5444 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data.
network
low complexity
debian redhat mozilla CWE-119
7.5
2018-06-11 CVE-2017-5443 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives.
network
low complexity
debian redhat mozilla CWE-787
critical
9.8