Lucene search

K
MozillaSeamonkey2.0.5

220 matches found

CVE
CVE
added 2012/08/29 10:56 a.m.55 views

CVE-2012-3975

The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code.

4.3CVSS8.8AI score0.00923EPSS
CVE
CVE
added 2012/03/14 7:55 p.m.54 views

CVE-2012-0463

The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after even...

7.5CVSS9.7AI score0.04347EPSS
CVE
CVE
added 2012/04/25 10:10 a.m.54 views

CVE-2012-0472

The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-renderin...

9.3CVSS9.6AI score0.01525EPSS
CVE
CVE
added 2012/04/25 10:10 a.m.54 views

CVE-2012-0475

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involv...

2.6CVSS9AI score0.00289EPSS
CVE
CVE
added 2012/08/29 10:56 a.m.54 views

CVE-2012-1971

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to garba...

9.3CVSS9.8AI score0.02146EPSS
CVE
CVE
added 2011/08/18 6:55 p.m.53 views

CVE-2011-2987

Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors...

10CVSS9.7AI score0.07952EPSS
CVE
CVE
added 2011/08/18 6:55 p.m.53 views

CVE-2011-2992

The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vector...

10CVSS9.7AI score0.03915EPSS
CVE
CVE
added 2012/08/29 10:56 a.m.53 views

CVE-2012-3971

Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) ...

10CVSS9.4AI score0.03136EPSS
CVE
CVE
added 2014/02/17 10:55 p.m.53 views

CVE-2014-2018

Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in a (1) OBJECT or (2) EMBED...

4.3CVSS7.7AI score0.23161EPSS
CVE
CVE
added 2011/12/07 7:55 p.m.52 views

CVE-2010-5074

The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information...

4.3CVSS8.9AI score0.00178EPSS
CVE
CVE
added 2011/08/18 6:55 p.m.52 views

CVE-2011-2991

The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary...

10CVSS9.8AI score0.04124EPSS
CVE
CVE
added 2011/12/21 4:2 a.m.52 views

CVE-2011-3661

YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.

7.5CVSS9.6AI score0.04527EPSS
CVE
CVE
added 2012/03/14 7:55 p.m.51 views

CVE-2012-0454

Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or poss...

7.5CVSS7.8AI score0.02911EPSS
CVE
CVE
added 2011/08/18 6:55 p.m.50 views

CVE-2011-2988

Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a lo...

10CVSS9.7AI score0.04825EPSS
CVE
CVE
added 2011/04/15 8:55 p.m.49 views

CVE-2011-1712

The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memor...

4.3CVSS9AI score0.00331EPSS
CVE
CVE
added 2012/06/18 7:55 p.m.49 views

CVE-2011-3671

Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element.

7.5CVSS7.4AI score0.01755EPSS
CVE
CVE
added 2011/12/21 4:2 a.m.48 views

CVE-2011-3660

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trig...

10CVSS9.8AI score0.03749EPSS
CVE
CVE
added 2011/08/18 6:55 p.m.47 views

CVE-2011-2990

The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by re...

5CVSS8.9AI score0.00542EPSS
CVE
CVE
added 2011/12/07 7:55 p.m.45 views

CVE-2002-2437

The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web...

5CVSS6.1AI score0.00294EPSS
CVE
CVE
added 2011/12/21 4:2 a.m.45 views

CVE-2011-3664

Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other...

6.8CVSS7.2AI score0.01153EPSS
Total number of security vulnerabilities220