Seamonkey@1.1.3 Security Vulnerabilities and Issues — Seamonkey@1.1.3 CVE List

Lucene search

MozillaSeamonkey1.1.3

7 matches found

CVE•added 2007/02/26 5:28 p.m.•86 views

CVE-2007-1095

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client.

6.8CVSS6.2AI score0.02968EPSS

CVE•added 2007/08/08 1:17 a.m.•82 views

CVE-2007-3845

Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of...

9.3CVSS7.1AI score0.43235EPSS

CVE•added 2007/07/03 10:30 a.m.•77 views

CVE-2007-3511

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by...

4.3CVSS6.3AI score0.02495EPSS

CVE•added 2007/08/08 1:17 a.m.•73 views

CVE-2007-3844

Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the ...

4.3CVSS5.8AI score0.26705EPSS

CVE•added 2007/09/13 6:17 p.m.•65 views

CVE-2007-4879

Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requ...

5CVSS6.1AI score0.01429EPSS

CVE•added 2007/11/14 1:46 a.m.•65 views

CVE-2007-5947

The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remote attackers to conduct cross-site scripting (XSS)...

4.3CVSS5.7AI score0.07915EPSS

CVE•added 2007/11/26 11:46 p.m.•51 views

CVE-2007-5959

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.

9.3CVSS7.9AI score0.1191EPSS