5 matches found
CVE-2013-6674
CVE-2013-6674 is an XSS vulnerability in Mozilla Thunderbird 17.x up to 17.0.8, Thunderbird ESR 17.x up to 17.0.10, and SeaMonkey before 2.20. The issue is triggered by an email containing a data: URL inside an IFRAME, allowing a user‑assisted remote attacker to inject arbitrary web script/HTML. ...
Mozilla SeaMonkey - Filter Bypass & Persistent Vulnerability
Document Title: =============== Mozilla SeaMonkey - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=967 Mozilla Bug Tracking ID: 881686 http://www.vulnerability-lab.com/getcontent.php?id=953 Mozilla Bug Tracking I...
Mozilla Thunderbird does not adequately restrict HTML elements in email message content
Overview Mozilla Thunderbird does not adequately restrict HTML elements in email content, which could allow an attacker to execute arbitrary script when a specially-crafted email message is forwarded or replied to. Description Vulnerability Lab has reported a vulnerability in the way Mozilla...
Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability
Document Title: =============== Mozilla Bug Bounty 5 - WireTap Remote Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=953 Mozilla Bug Tracking ID: 875818 Video: http://www.vulnerability-lab.com/getcontent.php?id=1182 KBCERT: VU863369...
SeaMonkey < 2.20 Multiple Vulnerabilities
The installed version of SeaMonkey is a version prior to 2.20. It is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification whe...