This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:firefox:2.0
Detail
VendorMozillaFirst view 2006-10-31
ProductFirefoxLast view 2014-04-30
Version2.0TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:firefox

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
10 2014-04-30 CVE-2014-1532 Network Low None Requ...
10 2014-04-30 CVE-2014-1531 Network Low None Requ...
4.3 2014-04-30 CVE-2014-1530 Network Medium None Requ...
9.3 2014-04-30 CVE-2014-1529 Network Medium None Requ...
5 2014-04-30 CVE-2014-1527 Network Low None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
5.8 2014-04-30 CVE-2014-1526 Network Medium None Requ...
9.3 2014-04-30 CVE-2014-1525 Network Medium None Requ...
10 2014-04-30 CVE-2014-1524 Network Low None Requ...
4.3 2014-04-30 CVE-2014-1523 Network Medium None Requ...
10 2014-04-30 CVE-2014-1522 Network Low None Requ...
6.9 2014-04-30 CVE-2014-1520 Local Medium None Requ...
10 2014-04-30 CVE-2014-1519 Network Low None Requ...
10 2014-04-30 CVE-2014-1518 Network Low None Requ...
9.3 2014-03-19 CVE-2014-1514 Network Medium None Requ...
9.3 2014-03-19 CVE-2014-1513 Network Medium None Requ...
9.3 2014-03-19 CVE-2014-1512 Network Medium None Requ...
9.3 2014-03-19 CVE-2014-1511 Network Medium None Requ...
9.3 2014-03-19 CVE-2014-1510 Network Medium None Requ...
7.6 2014-03-19 CVE-2014-1509 Network High None Requ...
6.8 2014-03-19 CVE-2014-1508 Network Medium None Requ...
6.4 2014-03-19 CVE-2014-1506 Network Low None Requ...
6.8 2014-03-19 CVE-2014-1505 Network Medium None Requ...
2.6 2014-03-19 CVE-2014-1504 Network High None Requ...
6.8 2014-03-19 CVE-2014-1502 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
28% (101)CWE-399Resource Management Errors
15% (57)CWE-264Permissions, Privileges, and Access Controls
14% (52)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (31)CWE-20Improper Input Validation
7% (28)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
Hide | Show 10 More...
%idName
6% (23)CWE-200Information Exposure
6% (23)CWE-94Failure to Control Generation of Code ('Code Injection')
4% (16)CWE-189Numeric Errors
2% (8)CWE-16Configuration
1% (7)CWE-310Cryptographic Issues
1% (6)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (5)CWE-287Improper Authentication
0% (1)CWE-352Cross-Site Request Forgery (CSRF)
0% (1)CWE-255Credentials Management
0% (1)CWE-59Improper Link Resolution Before File Access ('Link Following')

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-26Leveraging Race Conditions
CAPEC-29Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-172Time and State Attacks

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:10031The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and...
oval:org.mitre.oval:def:11691Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox...
oval:org.mitre.oval:def:10661Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Fir...
oval:org.mitre.oval:def:9746Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before...
oval:org.mitre.oval:def:9626Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firef...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:10895Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before ...
oval:org.mitre.oval:def:11077Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey befor...
oval:org.mitre.oval:def:10502Integer underflow in the SSLv2 support in Mozilla Network Security Services (...
oval:org.mitre.oval:def:10012Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox ...
oval:org.mitre.oval:def:8757GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x be...
oval:org.mitre.oval:def:9730Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0....
oval:org.mitre.oval:def:10164Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before ...
oval:org.mitre.oval:def:10086The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, a...
oval:org.mitre.oval:def:21788ELSA-2007:0097: firefox security update (Critical)
oval:org.mitre.oval:def:11665Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly imp...
oval:org.mitre.oval:def:10759Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1...
oval:org.mitre.oval:def:10066Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x befor...
oval:org.mitre.oval:def:20321DSA-1305-1 icedove - several vulnerabilities
oval:org.mitre.oval:def:10711Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x b...
oval:org.mitre.oval:def:11208The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x b...
oval:org.mitre.oval:def:9547Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1...
oval:org.mitre.oval:def:18949DSA-1308-1 iceweasel - several vulnerabilities
oval:org.mitre.oval:def:18918DSA-1306-1 xulrunner
oval:org.mitre.oval:def:18785DSA-1300-1 iceape
oval:org.mitre.oval:def:11433Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
77955Mozilla Multiple Product for Mac DOM Frame Deletion NULL Dereference Remote C...
76954Mozilla Multiple Product WebGL GPU Memory Random Image Disclosure
76952Mozilla Multiple Product Firebug JavaScript File Profiling Remote Memory Corr...
76950Mozilla Multiple Product Unchecked Allocation Failure Remote Memory Corruption
76949Mozilla Multiple Product SVG <mpath> Non-SVG Link Remote Memory Corruption
Hide | Show 20 More...
idDescription
76948Mozilla Multiple Product Shift-JIS XSS
76947Mozilla Multiple Product JSSubScriptLoader loadSubScript Method XPCNativeWrap...
75841Mozilla Multiple Product Enter Key Download Dialog Verification Bypass
75840Mozilla Multiple Product PLUGINSPAGE Enter Key Addon Installation Verificatio...
74587Mozilla Multiple Products Tab Element Dropping Weakness Remote Code Execution
74586Mozilla Multiple Products RegExp.input Property Same Origin Policy Bypass Inf...
74585Mozilla Multiple Products Multiple Unspecified Memory Corruption (2011-2982)
74584Mozilla Multiple Products Event-Management Same Origin Policy Bypass Remote C...
74583Mozilla Multiple Products ThinkPadSensor::Startup() Function Path Subversion ...
74582Mozilla Multiple Products .appendChild() Function DOM Object Handling Remote ...
74581Mozilla Multiple Products SVGTextElement.getCharNumAtPosition() Function SVG ...
74448Mozilla Firefox HTTPS Session HTTP Set-Cookie Header HSTS includeSubDomains W...
74319Mozilla Multiple Products netwerk/cookie/nsCookieService.cpp nsCookieService:...
73193Mozilla Multiple Products Non-whitelisted Site Install Dialog Triggering Weak...
73189Mozilla Multiple Products WebGL Texture Image Rendering Cross-domain Image Da...
73188Mozilla Multiple Products Trailing Dot Cookie Cross-domain Information Disclo...
73187Mozilla Multiple Products nsXULCommandDispatcher.cpp Use-after-free Remote Co...
73186Mozilla Multiple Products nsSVGPointList::AppendElement() Use-after-free Remo...
73185Mozilla Multiple Products nsSVGPathSegList::ReplaceItem() Use-after-free Remo...
73184Mozilla Multiple Products Array.reduceRight() Method Overflow

Milw0rm Exploits

idDescription
2009-07-15Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all)
2009-03-25Mozilla Firefox XSL Parsing Remote Memory Corruption PoC 0day

ExploitDB Exploits

idDescription
30474Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution
18531Mozilla Firefox Firefox 4.0.1 Array.reduceRight() Exploit
17974Mozilla Firefox Array.reduceRight() Integer Overflow Exploit
10544Mozilla Firefox Location Bar Spoofing Vulnerability
9663Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit
Hide | Show 1 More...
idDescription
3340Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability

Metasploit Exploits

idDescription
2007-06-27Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution
2011-06-21Mozilla Firefox Array.reduceRight() Integer Overflow
2011-05-10Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability
2011-05-10Mozilla Firefox 3.6.16 mChannel Use-After-Free
2011-02-02Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability
Hide | Show 4 More...
idDescription
2013-01-08Firefox XMLSerializer Use After Free
2011-12-06Firefox 8/9 AttributeChildRemoved() Use-After-Free
2013-08-06Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
2013-01-08Firefox 17.0.1 Flash Privileged Code Injection

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-18Name : Debian Security Advisory DSA 2406-1 (icedove - several vulnerabilities
File : nvt/deb_2406_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2458-2 (iceape - several vulnerabilities
File : nvt/deb_2458_2.nasl
2013-09-18Name : Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities
File : nvt/deb_2553_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities
File : nvt/deb_2583_1.nasl
2013-09-18Name : Debian Security Advisory DSA 2584-1 (iceape - several vulnerabilities
File : nvt/deb_2584_1.nasl
Hide | Show 20 More...
idDescription
2013-09-18Name : Debian Security Advisory DSA 2588-1 (icedove - several vulnerabilities
File : nvt/deb_2588_1.nasl
2013-04-01Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Mac OS X)
File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_macosx.nasl
2013-04-01Name : Mozilla Firefox ESR Code Execution Vulnerabilities - November12 (Windows)
File : nvt/gb_mozilla_firefox_esr_code_exec_vuln_nov12_win.nasl
2012-12-13Name : SuSE Update for MozillaFirefox, openSUSE-SU-2012:0760-1 (MozillaFirefox,)
File : nvt/gb_suse_2012_0760_1.nasl
2012-12-13Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1064-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1064_1.nasl
2012-12-13Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:1345-1 (MozillaFirefox)
File : nvt/gb_suse_2012_1345_1.nasl
2012-12-13Name : SuSE Update for Mozilla Suite openSUSE-SU-2012:1412-1 (Mozilla Suite)
File : nvt/gb_suse_2012_1412_1.nasl
2012-12-06Name : Fedora Update for seamonkey FEDORA-2012-18931
File : nvt/gb_fedora_2012_18931_seamonkey_fc16.nasl
2012-12-06Name : Fedora Update for seamonkey FEDORA-2012-18952
File : nvt/gb_fedora_2012_18952_seamonkey_fc17.nasl
2012-12-04Name : Ubuntu Update for firefox USN-1638-3
File : nvt/gb_ubuntu_USN_1638_3.nasl
2012-11-26Name : Mozilla SeaMonkey Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_seamonkey_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Windows)
File : nvt/gb_mozilla_seamonkey_mult_vuln02_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird ESR Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_esr_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Thunderbird Multiple Vulnerabilities-02 November12 (Windows)
File : nvt/gb_mozilla_thunderbird_mult_vuln02_nov12_win.nasl
2012-11-26Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox72.nasl
2012-11-26Name : Mozilla Firefox Code Execution Vulnerabilities - November12 (Mac OS X)
File : nvt/gb_mozilla_firefox_code_exec_vuln_nov12_macosx.nasl
2012-11-26Name : Mozilla Firefox Code Execution Vulnerabilities - November12 (Windows)
File : nvt/gb_mozilla_firefox_code_exec_vuln_nov12_win.nasl
2012-11-26Name : Mozilla Firefox ESR Multiple Vulnerabilities-01 November12 (Windows)
File : nvt/gb_mozilla_firefox_esr_mult_vuln01_nov12_win.nasl
2012-11-26Name : Mozilla Firefox Multiple Vulnerabilities - November12 (Mac OS X)
File : nvt/gb_mozilla_firefox_mult_vuln_nov12_macosx.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0064Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0050011
2014-A-0043Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0046769
2014-A-0021Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0043921
2013-A-0233Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042596
2011-A-0160Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana...
Severity : Category I - VMSKEY : V0030769

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-03-08Mozilla Array.reduceRight integer overflow attempt
RuleID : 29625 - Type : BROWSER-FIREFOX - Revision : 1
2014-03-08Mozilla Array.reduceRight integer overflow attempt
RuleID : 29624 - Type : BROWSER-FIREFOX - Revision : 1
2014-03-08Mozilla Firefox nsTreeRange Use After Free attempt
RuleID : 29617 - Type : BROWSER-FIREFOX - Revision : 1
2014-03-06Mozilla Firefox SVG data processing obfuscated memory corruption attempt
RuleID : 29580 - Type : BROWSER-FIREFOX - Revision : 1
2014-03-06WAV processing buffer overflow attempt
RuleID : 29546 - Type : FILE-MULTIMEDIA - Revision : 2
Hide | Show 20 More...
DateDescription
2014-03-06WAV processing buffer overflow attempt
RuleID : 29545 - Type : FILE-MULTIMEDIA - Revision : 2
2014-03-06WAV processing buffer overflow attempt
RuleID : 29544 - Type : FILE-MULTIMEDIA - Revision : 2
2014-03-06WAV processing buffer overflow attempt
RuleID : 29543 - Type : FILE-MULTIMEDIA - Revision : 2
2014-03-06WAV processing buffer overflow attempt
RuleID : 29542 - Type : FILE-MULTIMEDIA - Revision : 1
2014-03-06WAV processing buffer overflow attempt
RuleID : 29541 - Type : FILE-MULTIMEDIA - Revision : 1
2014-03-06WAV processing buffer overflow attempt
RuleID : 29540 - Type : FILE-MULTIMEDIA - Revision : 1
2014-03-06WAV processing buffer overflow attempt
RuleID : 29539 - Type : FILE-MULTIMEDIA - Revision : 1
2014-03-06Mozilla Products SVG text content element getCharNumAtPosition use after free...
RuleID : 29503 - Type : BROWSER-FIREFOX - Revision : 1
2014-01-10Nailed exploit kit Firefox exploit download - autopwn
RuleID : 27080 - Type : EXPLOIT-KIT - Revision : 1
2014-01-10Mozilla products Ogg Vorbis decoding memory corruption attempt
RuleID : 25298 - Type : FILE-MULTIMEDIA - Revision : 3
2014-01-10Mozilla products Ogg Vorbis decoding memory corruption attempt
RuleID : 25297 - Type : FILE-MULTIMEDIA - Revision : 3
2014-01-10Mozilla Firefox Javascript arbitrary memory reading attempt
RuleID : 25292 - Type : BROWSER-FIREFOX - Revision : 2
2014-01-10Mozilla Firefox Javascript arbitrary memory reading attempt
RuleID : 25291 - Type : BROWSER-FIREFOX - Revision : 2
2014-01-10Mozilla Firefox Javascript arbitrary memory reading attempt
RuleID : 25290 - Type : BROWSER-FIREFOX - Revision : 2
2014-01-10Mozilla Firefox Javascript arbitrary memory reading attempt
RuleID : 25289 - Type : BROWSER-FIREFOX - Revision : 2
2014-01-10appendChild multiple parent nodes stack corruption attempt
RuleID : 25233 - Type : BROWSER-FIREFOX - Revision : 4
2014-01-10appendChild multiple parent nodes stack corruption attempt
RuleID : 25232 - Type : BROWSER-FIREFOX - Revision : 4
2014-01-10Mozilla Firefox iframe and xul element reload crash attempt
RuleID : 25228 - Type : BROWSER-FIREFOX - Revision : 4
2014-01-10Mozilla Firefox iframe and xul element reload crash attempt
RuleID : 25227 - Type : BROWSER-FIREFOX - Revision : 4
2014-01-10Mozilla Firefox onChannelRedirect method attempt
RuleID : 24994 - Type : BROWSER-FIREFOX - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-10-01Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1246.nasl - Type : ACT_GATHER_INFO
2014-09-29Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140916_nss_and_nspr_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-09-18Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-1246.nasl - Type : ACT_GATHER_INFO
2014-09-16Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1246.nasl - Type : ACT_GATHER_INFO
2014-08-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2994.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-07-31Name : The remote host is running software with multiple vulnerabilities.
File : oracle_traffic_director_july_2014_cpu.nasl - Type : ACT_GATHER_INFO
2014-07-23Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-23Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0917.nasl - Type : ACT_GATHER_INFO
2014-07-23Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140722_nss_and_nspr_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-07-18Name : The remote web server is affected by multiple vulnerabilities.
File : glassfish_cpu_jul_2014.nasl - Type : ACT_GATHER_INFO
2014-07-18Name : A web proxy server on the remote host is affected by multiple vulnerabilities.
File : iplanet_web_proxy_4_0_24.nasl - Type : ACT_GATHER_INFO
2014-07-18Name : The remote web server is affected by multiple vulnerabilities.
File : sun_java_web_server_7_0_20.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_mozilla-js192-110307.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_mozilla-js192-110429.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_mozilla-js192-110622.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_mozilla-js192-110817.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_mozilla-js192-120201.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_seamonkey-100917.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_seamonkey-101021.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_seamonkey-101213.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_seamonkey-110302.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_seamonkey-110429.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_seamonkey-110819.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_seamonkey-111130.nasl - Type : ACT_GATHER_INFO