Mozilla Firefox < 2.0.0.15

The version of Firefox installed on the remote Windows host is prior to 2.0.0.15. It is, therefore, affected by a vulnerability as referenced in the mfsa2008-24 advisory. - Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to...

Mozilla Firefox < 2.0.0.15

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 2.0.0.15. It is, therefore, affected by a vulnerability as referenced in the mfsa2008-24 advisory. - Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote...

EUVD-2019-15430

Malware in sbrugna...

CVE-2019-5859

Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

CVE-2010-3771

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a...

CVE-2010-1504

Cross-site scripting XSS vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI...

CVE-2008-2803

The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from 1 file: URIs, 2 data: URIs, or 3 certain non-canonical chrome: URIs, which allows remote attacker...

Firefox arbitrary JavaScript code execution

Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level."...

Debian DSA-1506-1 : iceape - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren a...

Debian DSA-1489-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-576-1)

Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2008-0412, CVE-2008-0413 Flaws were discovered in the file upload form control. A malicious website...

Debian DSA-1484-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0412 Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul Nickerson discover...

Mozilla Foundation Security Advisory 2008-05

Mozilla Foundation Security Advisory 2008-05 Title: Directory traversal via chrome: URI Impact: High Announced: February 7, 2008 Reporter: Gerry Eisenhaur Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.12 Thunderbird 2.0.0.12 SeaMonkey 1.1.8 Description Gerry Eisenhaur reported...

CVE-2008-0418

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing sessio...

CVE-2008-0418

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing sessio...

chrome: directory traversal

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing sessio...

SeaMonkey < 1.1.8 Multiple Vulnerabilities

The installed version of SeaMonkey is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full...

Cross site scripting

Cross-site scripting XSS vulnerability in the Fizzle 0.5 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler...

CVE-2007-1678

Cross-site scripting XSS vulnerability in the Fizzle 0.5 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler...