Total vulnerabilities in the database
Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call. NOTE: it was later reported that 3.0.6 and 3.0.7 are also affected.
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | 3.0.4 | 3.0.4.x |
| mozilla / firefox | 3.0.5 | 3.0.5.x |
| mozilla / firefox | 3.0-beta2 | 3.0-beta2.x |
| mozilla / firefox | 3.0.3 | 3.0.3.x |
| mozilla / firefox | 3.0 | 3.0.x |
| mozilla / firefox | 3.0.1 | 3.0.1.x |
| mozilla / firefox | 3.0.2 | 3.0.2.x |
| mozilla / firefox | 3.0-beta5 | 3.0-beta5.x |
| mozilla / firefox | 3.0-alpha | 3.0-alpha.x |