Lucene search
K

67 matches found

UbuntuCve
UbuntuCve
added 2013/08/06 12:0 a.m.23 views

CVE-2013-1711

The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting XSS attack...

4.3CVSS6.9AI score0.02158EPSS
Exploits0References3
NVD
NVD
added 2013/06/26 3:19 a.m.18 views

CVE-2013-1697

The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with...

9.3CVSS8.2AI score0.03166EPSS
Exploits0References16
Prion
Prion
added 2013/06/26 3:19 a.m.15 views

Design/Logic Flaw

The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with...

9.3CVSS7.6AI score0.03166EPSS
Exploits0References16Affected Software4
CVE
CVE
added 2013/06/26 1:0 a.m.151 views

CVE-2013-1697

CVE-2013-1697 affects Mozilla Firefox (before 22.0) and related Thunderbird/ESR builds. The XrayWrapper allowed bypassing restrictions on DefaultValue for method calls, enabling remote JavaScript execution with chrome privileges via a crafted site using a user-defined (1) toString or (2) valueOf....

9.3CVSS7.1AI score0.03166EPSS
Exploits0References16Affected Software1
Cvelist
Cvelist
added 2013/06/26 1:0 a.m.26 views

CVE-2013-1697

The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with...

7.3AI score0.03166EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2013/06/26 12:0 a.m.34 views

Mozilla Thunderbird ESR Multiple Vulnerabilities - June 13 (Mac OS X)

This host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillathunderbirdesrmultvulnjun13macosx.nasl 6104 2017-05-11 09:03:48Z teissa $ Mozilla Thunderbird ESR Multiple Vulnerabilities - June 13 Mac OS X Authors: Arun...

10CVSS0.8AI score0.69021EPSS
Exploits9References3
OpenVAS
OpenVAS
added 2013/06/26 12:0 a.m.42 views

Mozilla Thunderbird Multiple Vulnerabilities - June 13 (Windows)

The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillathunderbirdmultvulnjun13win.nasl 6115 2017-05-12 09:03:25Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - June 13 Windows Authors: Arun Kallavi Copyright:...

10CVSS0.5AI score0.69021EPSS
Exploits9References3
OpenVAS
OpenVAS
added 2013/06/26 12:0 a.m.26 views

Mozilla Thunderbird Multiple Vulnerabilities - June 13 (Mac OS X)

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillathunderbirdmultvulnjun13macosx.nasl 6125 2017-05-15 09:03:42Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - June 13 Mac OS X Authors: Arun Kallavi...

10CVSS0.7AI score0.69021EPSS
Exploits9References3
UbuntuCve
UbuntuCve
added 2013/06/25 12:0 a.m.44 views

CVE-2013-1697

The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with...

9.3CVSS7.4AI score0.03166EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2012/12/03 3:53 p.m.79 views

USN-1638-3: Firefox regressions

USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem. Original advisory details: Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky,...

8.8AI score
Exploits0References2
OpenVAS
OpenVAS
added 2012/11/26 12:0 a.m.30 views

Mozilla Firefox Multiple Vulnerabilities-02 (Nov 2012) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9AI score0.11079EPSS
Exploits10References23
OpenVAS
OpenVAS
added 2012/11/26 12:0 a.m.30 views

Mozilla Firefox Multiple Vulnerabilities-02 (Nov 2012) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9AI score0.11079EPSS
Exploits10References19
OpenVAS
OpenVAS
added 2012/11/26 12:0 a.m.41 views

Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Mac OS X)

This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln02nov12macosx.nasl 6074 2017-05-05 09:03:14Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 Mac OS X Authors: Arun Kallavi Copyright...

10CVSS0.8AI score0.06155EPSS
Exploits5References10
OpenVAS
OpenVAS
added 2012/11/26 12:0 a.m.30 views

Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Windows)

This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln02nov12win.nasl 5999 2017-04-21 09:02:32Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 Windows Authors: Arun Kallavi Copyright:...

10CVSS0.9AI score0.06155EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2012/11/23 12:0 a.m.47 views

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1636-1)

Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript...

10CVSS8.7AI score0.11079EPSS
Exploits15References26
NVD
NVD
added 2012/11/21 12:55 p.m.14 views

CVE-2012-4208

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted w...

4.3CVSS8.3AI score0.0211EPSS
Exploits0References19
Prion
Prion
added 2012/11/21 12:55 p.m.13 views

Code injection

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted w...

4.3CVSS6.8AI score0.0211EPSS
Exploits0References19Affected Software8
CVE
CVE
added 2012/11/21 11:0 a.m.108 views

CVE-2012-4208

CVE-2012-4208 affects Mozilla Firefox ≤ prior to 17.0, Thunderbird ≤ prior to 17.0, and SeaMonkey ≤ 2.13/2.14. The XrayWrapper did not consider compartment during property filtering, allowing remote sites to bypass chrome-only restrictions on reading DOM object properties. Impact per description:...

4.3CVSS8.1AI score0.0211EPSS
Exploits0References19Affected Software3
Cvelist
Cvelist
added 2012/11/21 11:0 a.m.20 views

CVE-2012-4208

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted w...

8.3AI score0.0211EPSS
Exploits0References19
UbuntuCve
UbuntuCve
added 2012/11/21 12:0 a.m.20 views

CVE-2012-4208

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted w...

4.3CVSS7.2AI score0.0211EPSS
Exploits0References3
Rows per page
Query Builder