Search CVE reports
111 – 120 of 148 results
Some fixes available 8 of 11
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier...
4 affected packages
firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 8 of 11
Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter...
4 affected packages
firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 8 of 11
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary...
4 affected packages
firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 8 of 11
Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference...
4 affected packages
firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 12 of 15
The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in...
5 affected packages
firefox, firefox-3.0, firefox-3.5, seamonkey, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 10 of 18
The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly...
6 affected packages
firefox, firefox-3.0, firefox-3.5, seamonkey, thunderbird, xulrunner-1.9.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| seamonkey | — | — | — | — |
| thunderbird | — | — | — | — |
| xulrunner-1.9.2 | — | — | — | — |
Some fixes available 10 of 20
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers...
7 affected packages
seamonkey, firefox, firefox-3.0, firefox-3.5, xulrunner...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| seamonkey | — | — | — | — |
| firefox | — | — | — | — |
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| xulrunner | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry,...
5 affected packages
firefox-3.0, firefox-3.5, seamonkey, xulrunner-1.9, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.0 | — | — | — | — |
| firefox-3.5 | — | — | — | — |
| seamonkey | — | — | — | — |
| xulrunner-1.9 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code...
2 affected packages
firefox-3.5, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...
2 affected packages
firefox-3.5, xulrunner-1.9.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox-3.5 | — | — | — | — |
| xulrunner-1.9.1 | — | — | — | — |