Vulnerabilities > Mozilla > Firefox > 44.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2017-7813 | Incorrect Type Conversion or Cast vulnerability in Mozilla Firefox Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. | 6.4 |
2018-06-11 | CVE-2017-7812 | Information Exposure vulnerability in Mozilla Firefox If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. | 5.0 |
2018-06-11 | CVE-2017-7811 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox Memory safety bugs were reported in Firefox 55. | 10.0 |
2018-06-11 | CVE-2017-7810 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. | 10.0 |
2018-06-11 | CVE-2017-7809 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. | 7.5 |
2018-06-11 | CVE-2017-7808 | Information Exposure vulnerability in Mozilla Firefox A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. | 5.0 |
2018-06-11 | CVE-2017-7807 | Improper Input Validation vulnerability in multiple products A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. | 5.8 |
2018-06-11 | CVE-2017-7806 | Use After Free vulnerability in Mozilla Firefox A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. | 5.0 |
2018-06-11 | CVE-2017-7804 | Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. | 5.0 |
2018-06-11 | CVE-2017-7803 | Improper Privilege Management vulnerability in multiple products When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. | 5.0 |