CVE search results

391 – 400 of 542 results

Detailed view

Sort by:

CVE-2009-3378

Medium priority

Some fixes available 3 of 6

The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a...

3 affected packages

firefox, xulrunner-1.9.1, xulrunner-1.9.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—
xulrunner-1.9.1	—	—	—	—
xulrunner-1.9.2	—	—	—	—

CVE-2009-3375

Low priority

Fixed

content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the...

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox-3.0	—	—	—	—
firefox-3.5	—	—	—	—
xulrunner-1.9	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-3374

Medium priority

Fixed

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects...

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox-3.0	—	—	—	—
firefox-3.5	—	—	—	—
xulrunner-1.9	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-3371

Medium priority

Fixed

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.

2 affected packages

firefox-3.5, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox-3.5	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-3370

Medium priority

Fixed

Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form,...

2 affected packages

firefox-3.5, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox-3.5	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-1563

Low priority

Fixed

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should...

4 affected packages

firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox-3.0	—	—	—	—
firefox-3.5	—	—	—	—
xulrunner-1.9	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-3379

Medium priority

Some fixes available 2 of 3

Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. ...

2 affected packages

firefox, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-3377

Low priority

Some fixes available 5 of 12

Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code...

4 affected packages

firefox, liboggz, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—
liboggz	—	—	—	—
xulrunner-1.9	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-3376

Low priority

Fixed

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof...

5 affected packages

firefox-3.0, firefox-3.5, thunderbird, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox-3.0	—	—	—	—
firefox-3.5	—	—	—	—
thunderbird	—	—	—	—
xulrunner-1.9	—	—	—	—
xulrunner-1.9.1	—	—	—	—

CVE-2009-3373

Medium priority

Some fixes available 8 of 10

Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.

4 affected packages

firefox, seamonkey, xulrunner-1.9, xulrunner-1.9.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
firefox	—	—	—	—
seamonkey	—	—	—	—
xulrunner-1.9	—	—	—	—
xulrunner-1.9.1	—	—	—	—

Export to JSON

Results by page:

Search CVE reports