Search CVE reports
141 – 150 of 222 results
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data...
1 affected package
mozilla-thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mozilla-thunderbird | — | — | — | — |
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a...
3 affected packages
firefox, mozilla-thunderbird, thunderbird
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| thunderbird | — | — | — | — |
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in...
6 affected packages
midbrowser, firefox, firefox-granparadiso, lightning-sunbird, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| midbrowser | — | — | — | — |
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then...
6 affected packages
firefox, firefox-granparadiso, lightning-sunbird, midbrowser, mozilla-thunderbird, xulrunner
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | — | — | — | — |
| firefox-granparadiso | — | — | — | — |
| lightning-sunbird | — | — | — | — |
| midbrowser | — | — | — | — |
| mozilla-thunderbird | — | — | — | — |
| xulrunner | — | — | — | — |