Thunderbird@* Security Vulnerabilities and Issues — Thunderbird@* CVE List

Lucene search

MozillaThunderbird*

7 matches found

CVE•added 2007/02/26 8:28 p.m.•85 views

CVE-2007-0009

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attac...

6.8CVSS7.9AI score0.48677EPSS

CVE•added 2007/10/21 7:17 p.m.•81 views

CVE-2007-5340

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.

4.3CVSS6.5AI score0.1475EPSS

CVE•added 2007/02/26 8:28 p.m.•80 views

CVE-2007-0008

Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to ex...

6.8CVSS7.4AI score0.14482EPSS

CVE•added 2007/10/21 7:17 p.m.•80 views

CVE-2007-5339

Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.

4.3CVSS6.8AI score0.20176EPSS

CVE•added 2007/09/12 8:17 p.m.•78 views

CVE-2007-4841

Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a (1) mailto, (2) nntp, (3) news, or (4) snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer ...

9.3CVSS7.2AI score0.43235EPSS

CVE•added 2007/02/26 7:28 p.m.•58 views

CVE-2007-0777

The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption.

9.3CVSS7.3AI score0.41894EPSS

CVE•added 2007/02/26 7:28 p.m.•51 views

CVE-2007-0776

Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.

9.3CVSS7.5AI score0.30178EPSS