This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:firefox:11.0
Detail
VendorMozillaFirst view 2012-04-25
ProductFirefoxLast view2019-09-27
Version11.0TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:firefox

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-09-27CVE-2019-11754NetworkMediumNone Requ...
4.62019-09-27CVE-2019-11753LocalLowNone Requ...
9.32019-09-27CVE-2019-11752NetworkMediumNone Requ...
6.82019-09-27CVE-2019-11751NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11750NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-09-27CVE-2019-11749NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11748NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11747NetworkMediumNone Requ...
6.82019-09-27CVE-2019-11746NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11744NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11743NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11742NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11741NetworkMediumNone Requ...
7.52019-09-27CVE-2019-11740NetworkLowNone Requ...
6.82019-09-27CVE-2019-11738NetworkMediumNone Requ...
52019-09-27CVE-2019-11737NetworkLowNone Requ...
4.42019-09-27CVE-2019-11736LocalMediumNone Requ...
7.52019-09-27CVE-2019-11735NetworkLowNone Requ...
7.52019-09-27CVE-2019-11734NetworkLowNone Requ...
52019-09-27CVE-2019-11733NetworkLowNone Requ...
6.82019-07-23CVE-2019-9821NetworkMediumNone Requ...
7.52019-07-23CVE-2019-9820NetworkLowNone Requ...
7.52019-07-23CVE-2019-9819NetworkLowNone Requ...
52019-07-23CVE-2019-9817NetworkLowNone Requ...

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
25% (256)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (105)CWE-20Improper Input Validation
9% (94)CWE-200Information Exposure
9% (92)CWE-264Permissions, Privileges, and Access Controls
8% (85)CWE-416Use After Free
Hide | Show 20 More...
%idName
7% (79)CWE-399Resource Management Errors
4% (45)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (24)CWE-254Security Features
2% (22)CWE-189Numeric Errors
1% (16)CWE-125Out-of-bounds Read
1% (16)CWE-17Code
1% (13)CWE-346Origin Validation Error
1% (13)CWE-284Access Control (Authorization) Issues
1% (12)CWE-362Race Condition
1% (12)CWE-94Failure to Control Generation of Code ('Code Injection')
1% (11)CWE-310Cryptographic Issues
1% (10)CWE-787Out-of-bounds Write
1% (10)CWE-190Integer Overflow or Wraparound
0% (8)CWE-704Incorrect Type Conversion or Cast
0% (7)CWE-352Cross-Site Request Forgery (CSRF)
0% (5)CWE-732Incorrect Permission Assignment for Critical Resource
0% (5)CWE-269Improper Privilege Management
0% (4)CWE-275Permission Issues
0% (4)CWE-19Data Handling
0% (3)CWE-287Improper Authentication

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:16743Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird...
oval:org.mitre.oval:def:23744The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24....
oval:org.mitre.oval:def:25000The PropertyProvider::FindJustificationRange function in Mozilla Firefox befo...
oval:org.mitre.oval:def:24571TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before ...
oval:org.mitre.oval:def:16692Untrusted search path vulnerability in the installer in Mozilla Firefox befor...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:16893The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x t...
oval:org.mitre.oval:def:21545RHSA-2012:1362: thunderbird security update (Critical)
oval:org.mitre.oval:def:21341RHSA-2012:1361: xulrunner security update (Critical)
oval:org.mitre.oval:def:18116USN-1611-1 -- thunderbird vulnerabilities
oval:org.mitre.oval:def:16786Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird be...
oval:org.mitre.oval:def:23952ELSA-2012:1362: thunderbird security update (Critical)
oval:org.mitre.oval:def:23105DEPRECATED: ELSA-2012:1362: thunderbird security update (Critical)
oval:org.mitre.oval:def:23099ELSA-2012:1361: xulrunner security update (Critical)
oval:org.mitre.oval:def:23004DEPRECATED: ELSA-2012:1361: xulrunner security update (Critical)
oval:org.mitre.oval:def:27077DEPRECATED: ELSA-2012-1361 -- xulrunner security update (critical)
oval:org.mitre.oval:def:26871DEPRECATED: ELSA-2012-1362 -- thunderbird security update (critical)
oval:org.mitre.oval:def:18495Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler f...
oval:org.mitre.oval:def:17117The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations...
oval:org.mitre.oval:def:21047Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and S...
oval:org.mitre.oval:def:17096Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird befo...
oval:org.mitre.oval:def:16729Use-after-free vulnerability in the JSDependentString::undepend function in M...
oval:org.mitre.oval:def:21630RHSA-2012:1483: thunderbird security update (Critical)
oval:org.mitre.oval:def:21071RHSA-2012:1482: firefox security update (Critical)
oval:org.mitre.oval:def:20112DSA-2584-1 iceape - several
oval:org.mitre.oval:def:19855DSA-2588-1 icedove - several

SAINT Exploits

DescriptionLink
Mozilla Firefox onreadystatechange Event Use After FreeMore info here
Mozilla Firefox XMLSerializer serializeToStream Use-after-free VulnerabilityMore info here
Firefox crypto.generateCRMFRequest command executionMore info here

ExploitDB Exploits

idDescription
34363Firefox toString console.time Privileged Javascript Injection
30474Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-18Name : Debian Security Advisory DSA 2457-2 (iceweasel - several vulnerabilities)
File : nvt/deb_2457_2.nasl
2013-09-18Name : Debian Security Advisory DSA 2458-2 (iceape - several vulnerabilities)
File : nvt/deb_2458_2.nasl
2013-09-18Name : Debian Security Advisory DSA 2513-1 (iceape - several vulnerabilities)
File : nvt/deb_2513_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities)
File : nvt/deb_2553_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities)
File : nvt/deb_2583_1.nasl
Hide | Show 20 More...
idDescription
2013-09-18Name : Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities)
File : nvt/deb_2584_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2588-1 (icedove - several vulnerabilities)
File : nvt/deb_2588_1.nasl
2013-04-01Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Mac OS X)
File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_macosx.nasl
2013-04-01Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Windows)
File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_win.nasl
2012-12-13Name : SuSE Update for MozillaFirefox, openSUSE-SU-2012:0760-1 (MozillaFirefox,)
File : nvt/gb_suse_2012_0760_1.nasl
2012-12-13Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:0899-1 (MozillaFirefox)
File : nvt/gb_suse_2012_0899_1.nasl
2012-12-13Name : SuSE Update for MozillaThunderbird openSUSE-SU-2012:0917-1 (MozillaThunderbird)
File : nvt/gb_suse_2012_0917_1.nasl
2012-12-13Name : SuSE Update for xulrunner openSUSE-SU-2012:0924-1 (xulrunner)
File : nvt/gb_suse_2012_0924_1.nasl
2012-12-13Name : SuSE Update for seamonkey openSUSE-SU-2012:0935-1 (seamonkey)
File : nvt/gb_suse_2012_0935_1.nasl
2012-12-13Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1064_1.nasl
2012-12-13Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1345-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1345_1.nasl
2012-12-13Name : SuSE Update for Mozilla Suite openSUSE-SU-2012:1412-1 (Mozilla Suite)
File : nvt/gb_suse_2012_1412_1.nasl
2012-12-06Name : Fedora Update for seamonkey FEDORA-2012-18931
File : nvt/gb_fedora_2012_18931_seamonkey_fc16.nasl
2012-12-06Name : Fedora Update for seamonkey FEDORA-2012-18952
File : nvt/gb_fedora_2012_18952_seamonkey_fc17.nasl
2012-12-04Name : Ubuntu Update for firefox USN-1638-3
File : nvt/gb_ubuntu_USN_1638_3.nasl
2012-11-26Name : Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_seamonkey_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Windows)
File : nvt/gb_mozilla_seamonkey_mult_vuln02_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird ESR Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_esr_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird Multiple Vulnerabilities-02 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_mult_vuln02_nov12_win.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0223Multiple Security Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0061473
2015-A-0154Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2014-A-0113Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0053309
2014-A-0082Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0052487
2014-A-0064Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0050011
Hide | Show 6 More...
idDescription
2014-A-0043Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0046769
2014-A-0021Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0043921
2013-A-0233Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042596
2013-A-0220Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042380
2013-A-0203Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0041365
2012-A-0189Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0035032

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2019-10-08Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1
2019-10-08Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1
2019-08-13Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50697 - Type : BROWSER-FIREFOX - Revision : 1
2019-08-13Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50696 - Type : BROWSER-FIREFOX - Revision : 1
2019-07-31Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50519 - Type : BROWSER-FIREFOX - Revision : 2
Hide | Show 20 More...
DateDescription
2019-07-31Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50518 - Type : BROWSER-FIREFOX - Revision : 2
2019-05-24Mozilla Firefox DOMSVGLength appendItem use after free attempt
RuleID : 49918 - Type : BROWSER-FIREFOX - Revision : 1
2019-05-24Mozilla Firefox DOMSVGLength appendItem use after free attempt
RuleID : 49917 - Type : BROWSER-FIREFOX - Revision : 1
2019-01-17Mozilla Firefox method array.prototype.push remote code execution attempt
RuleID : 48626 - Type : BROWSER-FIREFOX - Revision : 2
2019-01-17Mozilla Firefox method array.prototype.push remote code execution attempt
RuleID : 48625 - Type : BROWSER-FIREFOX - Revision : 2
2019-01-10Mozilla Firefox javascript type confusion code execution attempt
RuleID : 48565 - Type : BROWSER-FIREFOX - Revision : 1
2019-01-10Mozilla Firefox javascript type confusion code execution attempt
RuleID : 48564 - Type : BROWSER-FIREFOX - Revision : 1
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48296 - Type : FILE-OTHER - Revision : 2
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48295 - Type : FILE-OTHER - Revision : 2
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-08Microsoft Edge OP_Memset type confusion attempt
RuleID : 48052 - Type : BROWSER-IE - Revision : 4
2018-11-08Microsoft Edge OP_Memset type confusion attempt
RuleID : 48051 - Type : BROWSER-IE - Revision : 4
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46781 - Type : BROWSER-FIREFOX - Revision : 2
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46767 - Type : BROWSER-FIREFOX - Revision : 4
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46766 - Type : BROWSER-FIREFOX - Revision : 2
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46765 - Type : BROWSER-FIREFOX - Revision : 2
2018-05-22Mozilla Firefox table object integer underflow
RuleID : 46399 - Type : BROWSER-OTHER - Revision : 2
2018-05-22Mozilla Firefox table object integer underflow
RuleID : 46398 - Type : BROWSER-OTHER - Revision : 2
2018-02-20Mozilla Firefox HTTP index format out of bounds read attempt
RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-fd194a1f14.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-def329f680.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-34f7f68029.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1414.nasl - Type : ACT_GATHER_INFO
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3831.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3833.nasl - Type : ACT_GATHER_INFO
2018-12-18Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_62_0.nasl - Type : ACT_GATHER_INFO
2018-12-14Name : The remote Debian host is missing a security update.
File : debian_DLA-1605.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4354.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-11Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1384.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2831.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2885.nasl - Type : ACT_GATHER_INFO
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-10.nasl - Type : ACT_GATHER_INFO
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-13.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3531.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3532.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security update.
File : debian_DLA-1575.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4337.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3403.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-04.nasl - Type : ACT_GATHER_INFO