Firefox Mobile
Monthly
Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.