Vulnerabilities > Mozilla > Firefox

DATE CVE VULNERABILITY TITLE RISK
2016-09-22 CVE-2016-5274 Use After Free vulnerability in Mozilla Firefox
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.
network
low complexity
mozilla CWE-416
critical
9.8
2016-09-22 CVE-2016-5273 Improper Access Control vulnerability in Mozilla Firefox
The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.
network
low complexity
mozilla CWE-284
8.8
2016-09-22 CVE-2016-5272 Improper Input Validation vulnerability in Mozilla Firefox
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.
network
low complexity
mozilla CWE-20
8.8
2016-09-22 CVE-2016-5271 Out-of-bounds Read vulnerability in Mozilla Firefox
The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property.
network
low complexity
mozilla CWE-125
6.5
2016-09-22 CVE-2016-5270 Out-of-bounds Write vulnerability in Mozilla Firefox
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.
network
low complexity
mozilla CWE-787
critical
9.8
2016-09-22 CVE-2016-5257 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
network
low complexity
mozilla CWE-119
critical
9.8
2016-09-22 CVE-2016-5256 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
network
low complexity
mozilla CWE-119
critical
9.8
2016-09-22 CVE-2016-2827 Out-of-bounds Read vulnerability in Mozilla Firefox
The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.
network
low complexity
mozilla CWE-125
6.5
2016-09-06 CVE-2016-7153 Information Exposure vulnerability in multiple products
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
network
low complexity
microsoft google apple opera mozilla CWE-200
5.3
2016-09-06 CVE-2016-7152 Information Exposure vulnerability in multiple products
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
network
low complexity
opera apple mozilla microsoft google CWE-200
5.3