6 matches found
SUSE CVE-2009-1311
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODEFILEONLY save of the inner frame...
SUSE CVE-2009-1313
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service memory corruption and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an...
CVE-2012-3301
Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving 1 Mozilla Firefox 3.0.9 and earlier or 2 unspecified browsers...
CVE-2009-1313
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service memory corruption and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an...
Mozilla Foundation Security Advisory 2009-18
Mozilla Foundation Security Advisory 2009-18 Title: XSS hazard using third-party stylesheets and XBL bindings Impact: Low Announced: April 21, 2009 Reporter: Cefn Hoile Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.9 Description Web developer Cefn Hoile reported that sites which...
Firefox 2 and 3 Layout engine crash
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree...