Firefox

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:mozilla:firefox:3.2:beta3:*:*:*:*:*:*

part: a version: 3.2 update: beta3

VendorMozilla (be1b0d4e-21a7-5a25-9982-bbda6ef43ec1)
ProductFirefox (d152d976-2d5e-5cc4-89b6-e80c6d067896)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/firefox purl2cpe 2026-06-01 10:17:52.888575
pkg:mozilla/mozilla-central purl2cpe 2026-06-01 10:17:52.888577
pkg:rpm/fedora/firefox purl2cpe 2026-06-01 10:17:52.888578
pkg:rpm/opensuse/mozillafirefox purl2cpe 2026-06-01 10:17:52.888579

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2010-1210 vulnerable 2026-06-03 14:30:13.395296 Details available
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.
Published: 2010-07-30T20:00:00.000Z
Updated: 2024-08-07T01:14:06.669Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-2654 vulnerable 2026-06-03 14:29:42.341079 Details available
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
Published: 2009-08-03T14:00:00.000Z
Updated: 2024-08-07T05:59:56.565Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.