Session fixation

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute...

CVE-2011-0084

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute...

CVE-2011-2378

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...

Mozilla Firefox 5.0 Multiple Vulnerabilities

Binary data 801346.prm...

Mozilla Firefox 3.6 < 3.6.20 Multiple Vulnerabilities

Binary data 801343.prm...

Mozilla Thunderbird 5 Multiple Vulnerabilities

Binary data 801266.prm...

Mozilla SeaMonkey 2.x < 2.3.0 Multiple Vulnerabilities

Binary data 801272.prm...

SUSE: Security Advisory for MozillaFirefox, MozillaThunderbird (SUSE-SA:2011:028)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Firefox 3.6 < 3.6.20 Multiple Vulnerabilities

The installed version of Firefox 3.6 is earlier than 3.6.20. As such, it is potentially affected by the following security issues : - A dangling pointer vulnerability exists in an SVG text manipulation routine. CVE-2011-0084 - A DOM accounting error exists in the 'appendChild' JavaScript function...

Mozilla Thunderbird < 6.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 6.0 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine that may permit remote code execution. CVE-2011-2985, CVE-2011-2989, CVE-2011-2991, CVE-2011-2992 - A dangling...

SeaMonkey < 2.3.0 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.3.0. Such versions are potentially affected by the following security issues : - An error in SVG text manipulation code creates a dangling pointer vulnerability. CVE-2011-0084 - Multiple, unspecified memory safety issues exist. CVE-2011-2985 - ...

CVE-2011-0084

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute...

Mozilla Thunderbird 3.1 < 3.1.12 Multiple Vulnerabilities

The installed version of Thunderbird 3.1 is earlier than 3.1.12. As such, it is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine that may permit remote code execution. CVE-2011-2982 - A dangling pointer vulnerability exists in an SVG...

Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

Mozilla: Dangling pointer vulnerability in appendChild

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...

Mozilla: Crash in SVGTextElement.getCharNumAtPosition()

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute...

Mozilla: Crash in SVGTextElement.getCharNumAtPosition()

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute...

Mozilla: Dangling pointer vulnerability in appendChild

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling...

Security issues addressed in Thunderbird 3.1.12 — Mozilla

Many of the issues listed below are not exploitable through mail since JavaScript is disabled by default in Thunderbird. These particular issues may be triggered while viewing RSS feeds and displaying full remote content rather than the feed summary. Addons that expose browser functionality may...

Security issues addressed in Firefox 3.6.20 — Mozilla

Miscellaneous memory safety hazards rv:1.9.2.20 Impact: Critical Description: Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products. Some of these bugs showed evidence of memory corruptio...