Vulnerabilities > Mozilla > Firefox > 3.5.2

DATE CVE VULNERABILITY TITLE RISK
2010-06-24 CVE-2010-0183 Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus.
network
mozilla CWE-399
critical
9.3
2010-06-01 CVE-2010-2117 Resource Management Errors vulnerability in Mozilla Firefox
Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
network
mozilla CWE-399
4.3
2010-05-20 CVE-2010-1990 Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey
Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
network
low complexity
mozilla CWE-399
5.0
2010-04-28 CVE-2010-1585 Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.
network
mozilla CWE-20
critical
9.3
2010-04-05 CVE-2010-0182 Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
network
mozilla CWE-20
4.3
2010-04-05 CVE-2010-0181 Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.
network
mozilla CWE-20
4.3
2010-04-05 CVE-2010-0179 Code Injection vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response.
network
high complexity
mozilla CWE-94
5.1
2010-04-05 CVE-2010-0178 Code Injection vulnerability in Mozilla Firefox and Seamonkey
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.
network
high complexity
mozilla CWE-94
7.6
2010-04-05 CVE-2010-0177 Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."
network
mozilla CWE-399
critical
9.3
2010-04-05 CVE-2010-0176 Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."
network
mozilla CWE-399
critical
9.3