Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-23 | CVE-2019-11712 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Firefox POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. | 8.8 |
| 2019-07-23 | CVE-2019-11711 | When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. | 8.8 |
| 2019-07-23 | CVE-2019-11710 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 67. | 9.8 |
| 2019-07-23 | CVE-2019-11709 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. | 9.8 |
| 2019-07-23 | CVE-2019-11708 | Improper Input Validation vulnerability in Mozilla Firefox ESR Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. | 10.0 |
| 2019-07-23 | CVE-2019-11707 | Type Confusion vulnerability in Mozilla Thunderbird A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. | 8.8 |
| 2019-07-23 | CVE-2019-11706 | Type Confusion vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. | 7.5 |
| 2019-07-23 | CVE-2019-11705 | Out-of-bounds Write vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. | 9.8 |
| 2019-07-23 | CVE-2019-11704 | Out-of-bounds Write vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. | 9.8 |
| 2019-07-23 | CVE-2019-11703 | Out-of-bounds Write vulnerability in Mozilla Thunderbird A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. | 9.8 |