Web Browser Vulnerabilities Calendar
| KEY: | Browser vulnerability publicly disclosed | Browser vulnerability actively exploited | Browser patch issued for vulnerabilities not previously disclosed |
| MONTH | INTERNET EXPLORER | FIREFOX | ||
|---|---|---|---|---|
| January 2006 | ||||
| December 2005 | 12/28: Trojan Spotted Exploiting unpatched IE/WMF Flaw | |||
| 12/13: Microsoft Patches Two Critical IE Flaws: MS05-054 (CVE-2005-2831) MS05-054 (CVE-2005-1970) (fixes Tobias exploit code from May) | 12/13: Microsoft Patches Two Critical IE Flaws: MS05-054 (CVE-2005-2831) MS05-054 (CVE-2005-1970) (fixes Tobias exploit code from May) | |||
| 12/1: Trojan Downloader spotted using unpatched IE flaw (CVE-1970) | ||||
| November 2005 | 11/21: MS Advisory: Exploit released for unpatched IE Flaw (later fixed in MS05-054/1970) | |||
| October 2005 | 10/11: Microsoft Patches Critical IE Bug: MS05-052 (CVE-2005-2127) | |||
| September 2005 | 9/21: Firefox 1.0.7 issued: Fixes three critical vulnerabilities: Bug #300936, Bug #296134, Bug #307259 | |||
| 9/8: Researcher details critical Firefox flaw | ||||
| August 2005 | 8/30: Critical IE Flaw Detailed (Still unpatched in 2006) | |||
| 8/18: Fr-Sirt Releases Exploit for unpatched IE flaw (fixed in MS05-052) | ||||
| 8/9: MS Patches Two Critical IE Flaws: MS05-038 (CVE-2005-1988) (Zalewski), and MS05-038 (CVE-2005-1990) | ||||
| July 2005 | 7/15: Michal Zalewski releases proof of concept exploit for IE bug | |||
| 7/12: Microsoft Patches Critical IE Flaw: MS05-037 (CVE-2005-2087) - Includes 7/5 Fix | 7/12: Mozilla Fixes Three Critical Firefox Flaws: Bug #295011, CAN-2005-1476, Bug #295854 | |||
| 7/5: Microsoft Interim IE Patch Fixes Browser 0day | ||||
| June 2005 | 6/30: Microsoft Warns of Unpatched IE flaw exploitation | |||
| 6/14: Microsoft Patches Critical IE Bug MS05-026 (CVE-2005-1208) | ||||
| May 2005 | 5/28: Ben Tobias publishes IE Exploit (MS patches in Dec. 05) | |||
| 5/11: Firefox 1.0.4 Update Plugs Seven Critical Flaws (including two leaked): Bug #290908, CAN-2005-1531, Bug #293671, Bug #291150, Bug #292691, Bug #292499, Bug #291745 | ||||
| 5/7: Two Firefox Flaws Reported Publicly; Proof of Concept leaked for Bug #292691 (CAN-2005-1476) | ||||
| April 2005 | 4/15: Firefox 1.0.3 Update Fixes Three Critical Flaws: Bug #289074, Bug #290079, Bug #290036 | |||
| 4/12: Microsoft Patches Two Critical IE Flaws: MS05-020 (CVE-2005-0553) and MS05-020 (CVE-2005-0554) | ||||
| March 2005 | 3/22: Firefox 1.0.2 Fixes Critical Flaw, CAN-2005-0399 | |||
| February 2005 | 2/24: Firefox 1.0.1 Fixes Critical Flaw, Bug #271732 | |||
| 2/8: Microsoft Fixes Two Critical IE Bugs: MS05-014 (CVE-2005-0054) and MS05-013 (CVE-2005-1319) (Fixes Exploit code released in Dec.) | ||||
| January 2005 | 1/11: Microsoft Patches Critical IE Vulnerability: MS05-001 (CVE-2005-1043) (Fixes Exploit code released in Dec.) | |||
| December 2004 and earlier | ||||
Compiled by Brian Krebs, washingtonpost.com - February 7, 2006
