Vulnerabilities > Mozilla > Firefox > 3.0

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5106 Information Exposure vulnerability in multiple products
Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open.
network
low complexity
mozilla canonical CWE-200
5.0
2018-06-11 CVE-2018-5105 WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file.
local
low complexity
mozilla canonical
7.2
2018-06-11 CVE-2018-5104 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
2018-06-11 CVE-2018-5103 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
2018-06-11 CVE-2018-5102 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
2018-06-11 CVE-2018-5101 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash.
network
low complexity
mozilla canonical CWE-416
5.0
2018-06-11 CVE-2018-5100 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when arguments passed to the "IsPotentiallyScrollable" function are freed while still in use by scripts.
network
low complexity
mozilla canonical CWE-416
5.0
2018-06-11 CVE-2018-5099 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
2018-06-11 CVE-2018-5098 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5
2018-06-11 CVE-2018-5097 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation.
network
low complexity
debian redhat mozilla canonical CWE-416
7.5