16 matches found
EUVD-2012-1969
Malware in sbrugna...
EUVD-2012-0504
Malware in sbrugna...
EUVD-2011-0093
Malware in sbrugna...
EUVD-2007-0775
Malware in sbrugna...
EUVD-2010-0207
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2012-0464
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before...
Linux Distros Unpatched Vulnerability : CVE-2012-0458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before...
Linux Distros Unpatched Vulnerability : CVE-2010-3774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The NSSecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, doe...
SUSE CVE-2008-1236
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to the layout engine...
SUSE CVE-2014-1591
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect...
CVE-2010-5074
CVE-2010-5074 affects Mozilla Firefox (before 4.0), Thunderbird (before 3.3), and SeaMonkey (before 2.1). The vulnerability stems from the layout engine comparing visited vs. unvisited links while processing CSS token sequences, causing a timing-based information disclosure. An attacker could rem...
javascript: URLs in chrome documents (MFSA 2011-08)
The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remot...
VulnCheck KEV: CVE-2010-3765
Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation...
jar: scheme ignores the content-disposition: header on the inner URI
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting XSS attacks and possibly other attacks via an uploaded .jar file with a...
Gentoo Security Advisory GLSA 200805-18 (mozilla ...)
The remote host is missing updates announced in advisory GLSA 200805-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Referrer spoofing bug
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely ...