Lucene search

K

9 matches found

CVE
CVE
added 2005/05/02 4:0 a.m.69 views

CVE-2005-0989

The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.

5CVSS6.2AI score0.25295EPSS
CVE
CVE
added 2005/12/09 3:3 p.m.67 views

CVE-2005-4134

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: desp...

5CVSS6.5AI score0.27694EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.63 views

CVE-2005-1157

Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute mali...

7.5CVSS6.4AI score0.07353EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.59 views

CVE-2005-1156

Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."

7.5CVSS6.7AI score0.06778EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.51 views

CVE-2004-1160

Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window inject...

7.5CVSS6.7AI score0.01048EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.45 views

CVE-2002-2061

Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.

7.5CVSS8AI score0.03376EPSS
CVE
CVE
added 2005/02/26 5:0 a.m.42 views

CVE-2004-1753

The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.

2.6CVSS6.5AI score0.00868EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.40 views

CVE-2002-2013

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

5CVSS6.6AI score0.00477EPSS
CVE
CVE
added 2005/11/16 7:37 a.m.40 views

CVE-2003-1265

Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.

2.1CVSS6.7AI score0.00071EPSS