Seamonkey@1.1.2 Security Vulnerabilities and Issues — Seamonkey@1.1.2 CVE List

Lucene search

MozillaSeamonkey1.1.2

10 matches found

CVE•added 2007/02/26 5:28 p.m.•86 views

CVE-2007-1095

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.

6.8CVSS6.2AI score0.02968EPSS

CVE•added 2007/07/03 10:30 a.m.•77 views

CVE-2007-3511

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by...

4.3CVSS6.3AI score0.02495EPSS

CVE•added 2007/06/01 12:30 a.m.•68 views

CVE-2007-2867

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointer...

9.3CVSS6.9AI score0.33239EPSS

CVE•added 2007/06/01 12:30 a.m.•65 views

CVE-2007-1362

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter within cookie path or name values, which could tri...

4.3CVSS6.5AI score0.44569EPSS

CVE•added 2007/09/13 6:17 p.m.•65 views

CVE-2007-4879

Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requ...

5CVSS6.1AI score0.01429EPSS

CVE•added 2007/11/14 1:46 a.m.•65 views

CVE-2007-5947

The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remote attackers to conduct cross-site scripting (XSS)...

4.3CVSS5.7AI score0.07915EPSS

CVE•added 2007/06/01 12:30 a.m.•63 views

CVE-2007-2870

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add an event listener for a site, which is executed ...

4.3CVSS5.7AI score0.07535EPSS

CVE•added 2007/06/01 12:30 a.m.•60 views

CVE-2007-2868

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code...

9.3CVSS7.8AI score0.38443EPSS

CVE•added 2007/06/01 12:30 a.m.•52 views

CVE-2007-2871

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other a...

4.3CVSS6.5AI score0.15561EPSS

CVE•added 2007/11/26 11:46 p.m.•51 views

CVE-2007-5959

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.

9.3CVSS7.9AI score0.1191EPSS