This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:firefox:20.0.1
Detail
VendorMozillaFirst view 2012-05-01
ProductFirefoxLast view2019-09-27
Version20.0.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:firefox

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-09-27CVE-2019-11754NetworkMediumNone Requ...
4.62019-09-27CVE-2019-11753LocalLowNone Requ...
9.32019-09-27CVE-2019-11752NetworkMediumNone Requ...
6.82019-09-27CVE-2019-11751NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11750NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-09-27CVE-2019-11749NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11748NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11747NetworkMediumNone Requ...
6.82019-09-27CVE-2019-11746NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11744NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11743NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11742NetworkMediumNone Requ...
4.32019-09-27CVE-2019-11741NetworkMediumNone Requ...
7.52019-09-27CVE-2019-11740NetworkLowNone Requ...
6.82019-09-27CVE-2019-11738NetworkMediumNone Requ...
52019-09-27CVE-2019-11737NetworkLowNone Requ...
4.42019-09-27CVE-2019-11736LocalMediumNone Requ...
7.52019-09-27CVE-2019-11735NetworkLowNone Requ...
7.52019-09-27CVE-2019-11734NetworkLowNone Requ...
52019-09-27CVE-2019-11733NetworkLowNone Requ...
6.82019-07-23CVE-2019-9821NetworkMediumNone Requ...
7.52019-07-23CVE-2019-9820NetworkLowNone Requ...
7.52019-07-23CVE-2019-9819NetworkLowNone Requ...
52019-07-23CVE-2019-9817NetworkLowNone Requ...

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
26% (223)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (102)CWE-20Improper Input Validation
10% (88)CWE-200Information Exposure
10% (85)CWE-416Use After Free
7% (67)CWE-264Permissions, Privileges, and Access Controls
Hide | Show 20 More...
%idName
3% (32)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (25)CWE-399Resource Management Errors
2% (24)CWE-254Security Features
1% (16)CWE-189Numeric Errors
1% (16)CWE-125Out-of-bounds Read
1% (16)CWE-17Code
1% (13)CWE-346Origin Validation Error
1% (13)CWE-284Access Control (Authorization) Issues
1% (12)CWE-362Race Condition
1% (10)CWE-787Out-of-bounds Write
1% (10)CWE-310Cryptographic Issues
1% (10)CWE-190Integer Overflow or Wraparound
0% (8)CWE-704Incorrect Type Conversion or Cast
0% (8)CWE-94Failure to Control Generation of Code ('Code Injection')
0% (7)CWE-352Cross-Site Request Forgery (CSRF)
0% (5)CWE-732Incorrect Permission Assignment for Critical Resource
0% (5)CWE-269Improper Privilege Management
0% (4)CWE-275Permission Issues
0% (4)CWE-19Data Handling
0% (3)CWE-276Incorrect Default Permissions

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:23744The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24....
oval:org.mitre.oval:def:25000The PropertyProvider::FindJustificationRange function in Mozilla Firefox befo...
oval:org.mitre.oval:def:24571TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before ...
oval:org.mitre.oval:def:18495Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler f...
oval:org.mitre.oval:def:17117The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:21047Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and S...
oval:org.mitre.oval:def:17096Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird befo...
oval:org.mitre.oval:def:18694The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before...
oval:org.mitre.oval:def:24710Cross-site scripting (XSS) using history navigations
oval:org.mitre.oval:def:17100Mozilla Firefox before 21.0 does not properly implement the INPUT element, wh...
oval:org.mitre.oval:def:20907RHSA-2013:1269: thunderbird security update (Important)
oval:org.mitre.oval:def:20767RHSA-2013:1268: firefox security update (Critical)
oval:org.mitre.oval:def:19905DSA-2759-1 iceweasel - several
oval:org.mitre.oval:def:19877DSA-2762-1 icedove - several
oval:org.mitre.oval:def:18789Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird befo...
oval:org.mitre.oval:def:24179ELSA-2013:1268: firefox security update (Critical)
oval:org.mitre.oval:def:23767ELSA-2013:1269: thunderbird security update (Important)
oval:org.mitre.oval:def:23564DEPRECATED: ELSA-2013:1268: firefox security update (Critical)
oval:org.mitre.oval:def:23194DEPRECATED: ELSA-2013:1269: thunderbird security update (Important)
oval:org.mitre.oval:def:27401DEPRECATED: ELSA-2013-1268 -- firefox security update (critical)
oval:org.mitre.oval:def:27396DEPRECATED: ELSA-2013-1269 -- thunderbird security update (important)
oval:org.mitre.oval:def:20982Mozilla Firefox before 26.0 does not properly remove the Application Installa...
oval:org.mitre.oval:def:27048USN-2373-1 -- Thunderbird vulnerabilities
oval:org.mitre.oval:def:28285DSA-3050-3 -- iceweasel security update
oval:org.mitre.oval:def:28243DSA-3061-1 -- icedove security update

SAINT Exploits

DescriptionLink
Mozilla Firefox onreadystatechange Event Use After FreeMore info here
Firefox crypto.generateCRMFRequest command executionMore info here

ExploitDB Exploits

idDescription
34363Firefox toString console.time Privileged Javascript Injection
30474Firefox 5.0 - 15.0.1 - __exposedProps__ XCS Code Execution

OpenVAS Exploits

idDescription
2012-05-31Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium13.nasl
2012-05-07Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Linux)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_lin.nasl
2012-05-07Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Mac OS X)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_macosx.nasl
2012-05-07Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Windows)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_win.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0223Multiple Security Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0061473
2015-A-0154Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0061081
2014-A-0113Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0053309
2014-A-0082Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0052487
2014-A-0064Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0050011
Hide | Show 5 More...
idDescription
2014-A-0043Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0046769
2014-A-0021Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0043921
2013-A-0233Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042596
2013-A-0220Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042380
2013-A-0203Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0041365

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2020-01-14IonMonkey MArraySlice buffer overflow attempt
RuleID : 52431 - Type : BROWSER-FIREFOX - Revision : 1
2020-01-14IonMonkey MArraySlice buffer overflow attempt
RuleID : 52430 - Type : BROWSER-FIREFOX - Revision : 1
2020-01-14Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 52425 - Type : BROWSER-FIREFOX - Revision : 1
2020-01-14Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 52424 - Type : BROWSER-FIREFOX - Revision : 1
2019-10-08Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51440 - Type : BROWSER-FIREFOX - Revision : 1
Hide | Show 20 More...
DateDescription
2019-10-08Mozilla Firefox Custom Elements write-after-free attempt
RuleID : 51439 - Type : BROWSER-FIREFOX - Revision : 1
2019-08-13Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50697 - Type : BROWSER-FIREFOX - Revision : 2
2019-08-13Mozilla Firefox RemotePrompt sandbox escape attempt
RuleID : 50696 - Type : BROWSER-FIREFOX - Revision : 2
2019-07-31Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50519 - Type : BROWSER-FIREFOX - Revision : 2
2019-07-31Mozilla Firefox Array.prototype.pop type confusion attempt
RuleID : 50518 - Type : BROWSER-FIREFOX - Revision : 2
2019-05-24Mozilla Firefox DOMSVGLength appendItem use after free attempt
RuleID : 49918 - Type : BROWSER-FIREFOX - Revision : 1
2019-05-24Mozilla Firefox DOMSVGLength appendItem use after free attempt
RuleID : 49917 - Type : BROWSER-FIREFOX - Revision : 1
2019-01-17Mozilla Firefox method array.prototype.push remote code execution attempt
RuleID : 48626 - Type : BROWSER-FIREFOX - Revision : 2
2019-01-17Mozilla Firefox method array.prototype.push remote code execution attempt
RuleID : 48625 - Type : BROWSER-FIREFOX - Revision : 2
2019-01-10Mozilla Firefox javascript type confusion code execution attempt
RuleID : 48565 - Type : BROWSER-FIREFOX - Revision : 1
2019-01-10Mozilla Firefox javascript type confusion code execution attempt
RuleID : 48564 - Type : BROWSER-FIREFOX - Revision : 1
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48296 - Type : FILE-OTHER - Revision : 2
2018-12-07out-of-bounds write attempt with malicious MAR file detected
RuleID : 48295 - Type : FILE-OTHER - Revision : 2
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48106 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-10libvorbis VORBIS audio data out of bounds write attempt
RuleID : 48105 - Type : FILE-MULTIMEDIA - Revision : 1
2018-11-08Multiple browsers memory corruption attempt
RuleID : 48052 - Type : BROWSER-IE - Revision : 6
2018-11-08Multiple browsers memory corruption attempt
RuleID : 48051 - Type : BROWSER-IE - Revision : 6
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46781 - Type : BROWSER-FIREFOX - Revision : 2
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46767 - Type : BROWSER-FIREFOX - Revision : 4
2018-06-21Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt
RuleID : 46766 - Type : BROWSER-FIREFOX - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-fd194a1f14.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-def329f680.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-34f7f68029.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1414.nasl - Type : ACT_GATHER_INFO
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3831.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-12-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3833.nasl - Type : ACT_GATHER_INFO
2018-12-18Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_62_0.nasl - Type : ACT_GATHER_INFO
2018-12-14Name : The remote Debian host is missing a security update.
File : debian_DLA-1605.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4354.nasl - Type : ACT_GATHER_INFO
2018-12-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote macOS host is affected by multiple vuln...
File : macosx_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_60_4_esr.nasl - Type : ACT_GATHER_INFO
2018-12-12Name : A web browser installed on the remote Windows host is affected by multiple vu...
File : mozilla_firefox_64_0.nasl - Type : ACT_GATHER_INFO
2018-12-11Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1384.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2831.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-2885.nasl - Type : ACT_GATHER_INFO
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-10.nasl - Type : ACT_GATHER_INFO
2018-11-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-13.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3531.nasl - Type : ACT_GATHER_INFO
2018-11-21Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3532.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security update.
File : debian_DLA-1575.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4337.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2018-3403.nasl - Type : ACT_GATHER_INFO
2018-11-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201811-04.nasl - Type : ACT_GATHER_INFO