Vulnerabilities > Mozilla > Firefox > 3.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-05-07 | CVE-2011-0076 | Privilege Escalation vulnerability in Mozilla Firefox/SeaMonkey Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. | 7.5 |
| 2011-05-07 | CVE-2011-0075 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078. | 10.0 |
| 2011-05-07 | CVE-2011-0074 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. | 10.0 |
| 2011-05-07 | CVE-2011-0073 | Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." | 10.0 |
| 2011-05-07 | CVE-2011-0072 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. | 10.0 |
| 2011-05-07 | CVE-2011-0071 | Path Traversal vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL. | 5.0 |
| 2011-05-07 | CVE-2011-0070 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069. | 10.0 |
| 2011-05-07 | CVE-2011-0069 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070. | 10.0 |
| 2011-05-07 | CVE-2011-0067 | Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls. | 5.0 |
| 2011-05-07 | CVE-2011-0066 | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList. | 10.0 |