Lucene search
K
MozillaMozilla Suite

27 matches found

CVE
CVE
•added 2006/04/14 10:0 a.m.•175 views

CVE-2006-1733

CVE-2006-1733 affects Mozilla Firefox and Thunderbird 1.x before 1.5, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0. The flaw is in the compilation scope handling of privileged built‑in XBL bindings, enabling a remote attacker to run arbitrary code via (1) valueOf.call or (2) valueOf.appl...

6.8CVSS7.3AI score0.05077EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•168 views

CVE-2006-1735

CVE-2006-1735 affects Mozilla Firefox and Thunderbird 1.x prior to 1.5 and 1.0.x prior to 1.0.8, Mozilla Suite prior to 1.7.13, and SeaMonkey prior to 1.0. The vulnerability arises from using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with ...

9.3CVSS7.3AI score0.08979EPSS
CVE
CVE
•added 2006/04/14 6:0 p.m.•166 views

CVE-2006-1737

CVE-2006-1737 is described as an integer overflow in JavaScript when processing a very large regular expression, affecting Mozilla Firefox/Thunderbird (and related Mozilla-suite components) prior to specified updates. Connected advisories corroborate a memory-currption/robustness issue in JavaScr...

9.3CVSS7.3AI score0.04801EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•121 views

CVE-2006-1741

CVE-2006-1741 affects Mozilla Firefox (1.x up to 1.5, and 1.0.x up to 1.0.8), Mozilla Suite up to 1.7.13, and SeaMonkey up to 1.0, enabling remote attackers to inject arbitrary JavaScript into other sites. The root causes involve (1) using a modal alert to suspend an event handler during page loa...

4.3CVSS6.2AI score0.03892EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•109 views

CVE-2006-1742

CVE-2006-1742 affects Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0. The issue stems from improper handling of temporary variables that are not garbage collected, which could allow remote attackers to access freed memo...

5CVSS6.1AI score0.03877EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•108 views

CVE-2006-1730

CVE-2006-1730 is a heap-based buffer overflow vulnerability caused by an integer overflow in the CSS letter-spacing handling, allowing remote code execution. Affected products and versions include Mozilla Firefox and Thunderbird 1.x before 1.5.0.2, and 1.0.x before 1.0.8; Mozilla Suite before 1.7...

9.3CVSS7.6AI score0.1034EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•108 views

CVE-2006-1739

CVE-2006-1739 is a memory-corruption flaw in the CSS border rendering path used by Mozilla Firefox/Thunderbird/SeaMonkey. The issue could crash the browser or potentially allow arbitrary code execution via crafted CSS (out-of-bounds writes/buffer overflow). Affected products include Firefox/Thund...

9.3CVSS7.5AI score0.08251EPSS
CVE
CVE
•added 2005/09/23 4:0 a.m.•106 views

CVE-2005-2701

CVE-2005-2701 is a heap-based buffer overflow in the XBM image handling of Mozilla Firefox (pre-1.0.7) and Mozilla Suite (pre-1.7.12). Exploitation path involves a specially crafted XBM image that ends with many spaces instead of the proper end tag, enabling remote code execution under the user’s...

7.5CVSS7.7AI score0.0686EPSS
CVE
CVE
•added 2005/09/23 4:0 a.m.•105 views

CVE-2005-2703

CVE-2005-2703 affects Firefox up to 1.0.7 and Mozilla Suite up to 1.7.12. The issue lets a remote attacker modify HTTP headers of XML HTTP requests made via XMLHttpRequest, potentially enabling attacks such as HTTP request smuggling or splitting. This is triggered by how XMLHttpRequests are handl...

5CVSS6.5AI score0.01789EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•105 views

CVE-2006-1728

CVE-2006-1728 affects multiple Mozilla-based products (Firefox and Thunderbird 1.x < 1.5.0.2; Mozilla Suite < 1.7.13; SeaMonkey

9.3CVSS7.2AI score0.09488EPSS
CVE
CVE
•added 2005/09/23 4:0 a.m.•103 views

CVE-2005-2706

The CVE-2005-2706 issue affects Firefox up to 1.0.6/1.0.x and Mozilla Suite up to 1.7.11, where an about: page (e.g., about:mozilla) could run JavaScript with chrome privileges due to a chrome privileges enforcement flaw. This could enable a remote attacker to inject or execute code with the brow...

6.4CVSS6.5AI score0.02763EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•99 views

CVE-2006-1727

CVE-2006-1727 affects Mozilla-derived browsers: Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1. The issue allows remote attackers to gain chrome privileges through multiple attack vectors related to the use of XBL...

7.6CVSS6.4AI score0.06371EPSS
CVE
CVE
•added 2005/09/23 4:0 a.m.•97 views

CVE-2005-2702

CVE-2005-2702 affects Mozilla/Firefox: vulnerable when processing Unicode sequences, specifically zero-width non-joiner characters. Firefox prior to 1.0.7 and Mozilla Suite prior to 1.7.12 are at risk. Reported impact: remote attacker could cause a crash and, in some scenarios, may execute arbitr...

7.5CVSS7.4AI score0.03616EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•97 views

CVE-2006-1731

CVE-2006-1731 affects Mozilla Firefox/Thunderbird 1.x and related Mozilla suites; the flaw lets a remote attacker trigger XSS by valueOf.call/valueOf.apply with no args, returning the Object prototype instead of the global window. Impact is cross-site scripting; vendors released fixes in Firefox/...

4.3CVSS5.4AI score0.0178EPSS
CVE
CVE
•added 2005/09/23 4:0 a.m.•96 views

CVE-2005-2705

CVE-2005-2705 is a real vulnerability affecting the JavaScript engine in Firefox prior to 1.0.7 and Mozilla Suite prior to 1.7.12. The root cause is an integer overflow in the JavaScript engine that could allow a remote attacker to execute arbitrary code. The impact is remote code execution with ...

7.5CVSS7.2AI score0.03616EPSS
CVE
CVE
•added 2005/09/23 4:0 a.m.•95 views

CVE-2005-2707

CVE-2005-2707 affects Mozilla Firefox (before 1.0.7) and Mozilla Suite (before 1.7.12). The issue allows remote attackers to spawn windows without typical UI components (address/status bars), enabling spoofing/phishing. The NVD entry assigns a base score of 5.0 (MEDIUM) with network attack vector...

5CVSS6.1AI score0.01789EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•95 views

CVE-2006-1734

CVE-2006-1734 affects Mozilla Firefox/Thunderbird 1.x prior to 1.5 and 1.0.x prior to 1.0.8, Mozilla Suite prior to 1.7.13, and SeaMonkey prior to 1.0. The vulnerability arises from the Object.watch method being able to access the internal cloneParent function, enabling remote attackers to execut...

6.8CVSS7.3AI score0.06826EPSS
CVE
CVE
•added 2006/04/14 6:0 p.m.•95 views

CVE-2006-1738

CVE-2006-1738 affects Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0. The vulnerability allows a remote attacker to cause a crash (DoS) by altering the (1) -moz-grid and (2) -moz-grid-group display styles. Root cause is...

5CVSS6.1AI score0.04377EPSS
CVE
CVE
•added 2006/06/07 10:0 a.m.•94 views

CVE-2006-2894

The CVE-2006-2894 issue affects Mozilla Firefox up to 1.5.0.4 and Firefox 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, SeaMonkey before 1.1.5, Netscape 8.1 and earlier. A user-assisted trick using OnKeyDown/OnKeyPress/OnKeyUp events can cause characters of a target filename to be inserted into a f...

4CVSS6.2AI score0.09648EPSS
CVE
CVE
•added 2005/12/09 3:0 p.m.•93 views

CVE-2005-4134

CVE-2005-4134 affects Mozilla Firefox 1.5, Netscape 8.x (8.0.4 and 7.2) and K-Meleon prior to 0.9.12. A remote attacker can cause a denial of service (high CPU usage and delayed startup) by presenting a website with a large title, which is stored in history.dat but not efficiently processed durin...

5CVSS6.5AI score0.12589EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•93 views

CVE-2006-1736

Technical details (affected product/version/root cause/impact) are not publicly provided in the connected documents. Monitor for updates.

2.6CVSS6AI score0.02438EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•92 views

CVE-2006-0749

CVE-2006-0749 affects Mozilla Firefox and Thunderbird (Firefox/Thunderbird 1.x before 1.5 and Mozilla Suite before 1.7.13; SeaMonkey before 1.0.8). The issue is a memory corruption triggered by a particular sequence of HTML tags, leading to memory corruption, a remote crash, and possibly arbitrar...

9.3CVSS7.3AI score0.10487EPSS
CVE
CVE
•added 2005/09/23 4:0 a.m.•91 views

CVE-2005-2704

CVE-2005-2704 affects Firefox up to 1.0.6 and Mozilla Suite up to 1.7.11/12, where an XBL control implementing an internal XPCOM interface can enable remote spoofing of DOM objects. The vulnerability enables a attacker-controlled DOM objects to impersonate or misrepresent elements, aiding phishin...

5CVSS6.2AI score0.01818EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•90 views

CVE-2006-1724

CVE-2006-1724 affects Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1. It is an unspecified vulnerability related to DHTML that can cause a denial of service (crash) and possibly remote code execution. The initial document does n...

7.5CVSS7.3AI score0.0689EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•87 views

CVE-2006-1729

CVE-2006-1729 affects Mozilla Firefox 1.x (before 1.5.0.2) and 1.0.x (before 1.0.8), Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1. The vulnerability lets remote attackers read arbitrary files by abusing input controls: (1) insert the target filename into a text box and convert that box...

4.3CVSS6.4AI score0.02234EPSS
CVE
CVE
•added 2006/04/14 10:0 a.m.•85 views

CVE-2006-1740

CVE-2006-1740 affects Mozilla-derived browsers, allowing remote attackers to spoof secure site indicators (e.g., the lock icon) by abusing a popup window that loads the trusted site and then navigates to a malicious site. Affected products include Firefox 1.x prior to 1.5 and 1.0.x prior to 1.0.8...

2.6CVSS5.9AI score0.02477EPSS
CVE
CVE
•added 2006/05/26 1:0 a.m.•65 views

CVE-2006-2613

CVE-2006-2613 affects Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before 1.8.0, as well as Netscape 7.2 and 8.1. A remote user‑assisted attacker can cause exceptions to be thrown and inspect message contents to obtain information such as the installation path. The ef...

4.3CVSS6.3AI score0.01664EPSS