The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.8 |
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.51 |
| netscape | communicator | 4.05 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.61 |
| mozilla | mozilla | m15 |
| netscape | communicator | 4.0 |
| netscape | communicator | 4.5_beta |
| netscape | communicator | 4.08 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.06 |
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.4 |
Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.4 |
Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3) showvotes.cgi, (4) showdependencytree.cgi, (5) showdependencygraph.cgi, (6) showattachment.cgi, or (7) describecomponents.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.4 |
Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.4 |
Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.4 |
Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.4 |
Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.4 |
process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.4 |
Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.4 |
Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.6 |
CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | * |
Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to enter_bug.cgi, which is passed to post_bug.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | * |
show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | * |
Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | * |
Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | * |
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 6.1 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.7 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 1.0 |
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 6.0 |
| netscape | navigator | 6.01 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 1.0 |
| netscape | communicator | 6.1 |
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 6.0 |
| netscape | navigator | 6.01 |
| netscape | navigator | 6.1 |
| mozilla | mozilla | 0.9.9 |
| galeon | galeon_browser | 1.2.1 |
| netscape | navigator | 6.2.2 |
| netscape | navigator | 6.2.1 |
| galeon | galeon_browser | 1.2 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 1.0 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, may allow remote attackers to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | * |
| microsoft | internet_explorer | 6.0.2900 |
| mozilla | mozilla | * |
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 0.9.6 |
| netscape | navigator | 6.2.2 |
| netscape | navigator | 6.2.1 |
| netscape | navigator | 6.2 |
| opera_software | opera_web_browser | 6.0.1 |
| opera_software | opera_web_browser | 6.0 |
| opera_software | opera_web_browser | 5.12 |
| netscape | navigator | 6.2.3 |
| mozilla | mozilla | 1.0 |
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 1.1 |
| galeon | galeon_browser | 1.2.5 |
| mozilla | mozilla | 0.9.4 |
| galeon | galeon_browser | 1.2.4 |
| mozilla | mozilla | 0.9.3 |
| galeon | galeon_browser | 1.2.6 |
editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to users via known features of Perl math that set multiple bits.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.14.2 |
bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.14.2 |
Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.14.4 |
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| netscape | navigator | 6.2.2 |
| netscape | navigator | 6.2.1 |
| mozilla | mozilla | 1.1 |
| netscape | navigator | 6.2 |
| netscape | navigator | 6.2.3 |
| netscape | navigator | 7.0 |
| mozilla | mozilla | 1.0 |
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| netscape | navigator | 4.77 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.61 |
| netscape | communicator | 4.0 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 0.9.4.1 |
| netscape | communicator | 4.74 |
| netscape | communicator | 4.5_beta |
| netscape | navigator | 6.1 |
| netscape | communicator | 4.08 |
| mozilla | mozilla | 0.9.3 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.4 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.06 |
| netscape | navigator | 6.0 |
| netscape | communicator | 4.51 |
| mozilla | mozilla | 0.9.5 |
| netscape | communicator | 4.75 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 0.9.2 |
| netscape | communicator | 4.78 |
| mozilla | mozilla | 0.9.4 |
| netscape | navigator | 6.01 |
| netscape | communicator | 4.77 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.76 |
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| netscape | navigator | 6.2.3 |
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 2.17.6 |
Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.0 |
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 0.9.7 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.61 |
| netscape | navigator | 6.2.2 |
| netscape | communicator | 4.0 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 0.9.4.1 |
| netscape | communicator | 4.74 |
| netscape | navigator | 6.1 |
| netscape | communicator | 4.08 |
| mozilla | mozilla | 0.9.3 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.4 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.06 |
| mozilla | mozilla | 1.0 |
| netscape | navigator | 6.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| netscape | communicator | 4.51 |
| mozilla | mozilla | 0.9.5 |
| netscape | communicator | 4.75 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 0.9.2 |
| netscape | navigator | 6.2.1 |
| mozilla | mozilla | 0.9.4 |
| netscape | navigator | 6.01 |
| netscape | communicator | 4.77 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.76 |
Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 1.0 |
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bonsai | 1.3 |
bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bonsai | 1.3 |
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bonsai | 1.3 |
bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bonsai | 1.3 |
The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.4 |
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.3 |
| ximian | evolution | 1.2.4 |
| microsoft | outlook_express | 6.00.2800.1106 |
| qualcomm | eudora | 5.2.1 |
| university_of_washington | pine | 4.53 |
| mutt | mutt | 1.4.1 |
| sylpheed | sylpheed_email_client | 0.8.11 |
| mozilla | mozilla | 1.4 |
| stuart_parmenter | balsa | 2.0.10 |
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 1.2.1 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 1.4.2 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.0 |
Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.1 |
Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| sco | openserver | 5.0.7 |
SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 5.0 |
| netscape | navigator | 7.0 |
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| netscape | navigator | 7.0.2 |
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.2.1 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | mozilla | 0.9.4 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrated using an embedded ctrl-U.
CVSS 2.0
Severity: LOW
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
DBI in Bugzilla 2.17.1 through 2.17.7 displays the database password in an error message when the SQL server is not running, which could allow remote attackers to gain sensitive information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.17.6 |
Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users with "grant membership" privileges to grant memberships to groups that the user does not control.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.17.6 |
Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.17.6 |
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.17.6 |
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.6 |
| firebirdsql | firebird | 0.7 |
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.6 |
| netscape | navigator | 7.0 |
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | * |
The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.6 |
| firebirdsql | firebird | 0.7 |
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.4.2 |
| netscape | directory_server | 4.13 |
| netscape | enterprise_server | 3.0.1 |
| netscape | enterprise_server | 3.4 |
| mozilla | network_security_services | 3.2 |
| netscape | directory_server | 3.12 |
| sun | one_web_server | 6.0 |
| hp | hp-ux | 11.23 |
| netscape | directory_server | 4.1 |
| netscape | enterprise_server | 3.6 |
| mozilla | network_security_services | 3.7 |
| netscape | certificate_server | 4.2 |
| netscape | enterprise_server | 2.0a |
| sun | one_web_server | 4.1 |
| netscape | enterprise_server | 3.0.7a |
| netscape | enterprise_server | 5.0 |
| sun | one_web_server | 6.1 |
| mozilla | network_security_services | 3.9 |
| sun | java_enterprise_system | 2003q4 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | network_security_services | 3.3.2 |
| netscape | enterprise_server | 3.0.1b |
| hp | hp-ux | 11.11 |
| mozilla | network_security_services | 3.7.5 |
| sun | one_application_server | 6.0 |
| netscape | directory_server | 3.1 |
| sun | java_system_application_server | 7.1 |
| netscape | enterprise_server | 2.0 |
| mozilla | network_security_services | 3.8 |
| netscape | enterprise_server | 3.1 |
| netscape | enterprise_server | 4.1.1 |
| netscape | personalization_engine | * |
| netscape | directory_server | 4.11 |
| mozilla | network_security_services | 3.7.7 |
| netscape | enterprise_server | 3.2 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | network_security_services | 3.5 |
| netscape | enterprise_server | 3.3 |
| hp | hp-ux | 11.00 |
| mozilla | network_security_services | 3.7.2 |
| netscape | enterprise_server | 3.5.1 |
| netscape | enterprise_server | 4.0 |
| netscape | enterprise_server | 3.0 |
| mozilla | network_security_services | 3.6.1 |
| netscape | enterprise_server | 4.1 |
| netscape | enterprise_server | 3.5 |
| mozilla | network_security_services | 3.4 |
| mozilla | network_security_services | 3.6 |
| mozilla | network_security_services | 3.7.3 |
| sun | java_enterprise_system | 2004q2 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.4.1 |
| sun | java_system_application_server | 7.0 |
| netscape | certificate_server | 1.0 |
| netscape | enterprise_server | 3.0l |
| mozilla | network_security_services | 3.3.1 |
| netscape | enterprise_server | 2.0.1c |
| netscape | directory_server | 1.3 |
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kde | konqueror | 3.0.2 |
| kde | konqueror | 3.0.3 |
| suse | suse_linux | 1.0 |
| mozilla | firefox | 0.9.2 |
| kde | konqueror | 3.0 |
| kde | konqueror | 3.0.1 |
| kde | konqueror | 3.1.2 |
| microsoft | ie | 6.0 |
| kde | konqueror | 3.1 |
| suse | suse_linux | 8.2 |
| kde | konqueror | 3.1.3 |
| kde | konqueror | 3.0.5b |
| kde | konqueror | 3.1.4 |
| kde | konqueror | 3.2.1 |
| kde | konqueror | 3.0.5 |
| kde | konqueror | 3.1.1 |
| kde | konqueror | 3.1.5 |
| kde | konqueror | 2.2.2 |
| suse | suse_linux | 8 |
| suse | suse_linux | 8.1 |
| kde | konqueror | 2.1.1 |
| kde | konqueror | 2.1.2 |
| suse | suse_linux | 9.0 |
| microsoft | internet_explorer | 6.0 |
| kde | konqueror | 2.2.1 |
| kde | konqueror | 3.2.3 |
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kde | konqueror | 3.0.2 |
| kde | konqueror | 3.0.3 |
| suse | suse_linux | 1.0 |
| mozilla | firefox | 0.9.2 |
| kde | konqueror | 3.0 |
| kde | konqueror | 3.0.1 |
| kde | konqueror | 3.1.2 |
| microsoft | ie | 6.0 |
| kde | konqueror | 3.1 |
| suse | suse_linux | 8.2 |
| kde | konqueror | 3.1.3 |
| kde | konqueror | 3.0.5b |
| kde | konqueror | 3.1.4 |
| kde | konqueror | 3.2.1 |
| kde | konqueror | 3.0.5 |
| kde | konqueror | 3.1.1 |
| kde | konqueror | 3.1.5 |
| kde | konqueror | 2.2.2 |
| suse | suse_linux | 8 |
| suse | suse_linux | 8.1 |
| kde | konqueror | 2.1.1 |
| kde | konqueror | 2.1.2 |
| suse | suse_linux | 9.0 |
| microsoft | internet_explorer | 6.0 |
| kde | konqueror | 2.2.1 |
| kde | konqueror | 3.2.3 |
Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2 |
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| conectiva | linux | 10.0 |
| redhat | enterprise_linux | 2.1 |
| mozilla | thunderbird | 0.7.1 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 1.0 |
| suse | suse_linux | 8 |
| mozilla | thunderbird | 0.7 |
| suse | suse_linux | 9.1 |
| suse | suse_linux | 8.1 |
| redhat | enterprise_linux_desktop | 3.0 |
| redhat | enterprise_linux | 3.0 |
| redhat | linux | 7.3 |
| mozilla | mozilla | 1.7 |
| redhat | linux | 9.0 |
| suse | suse_linux | 8.2 |
| suse | suse_linux | 9.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| conectiva | linux | 9.0 |
| mozilla | thunderbird | 0.7.3 |
| redhat | fedora_core | core_1.0 |
| mozilla | mozilla | 1.7.1 |
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| conectiva | linux | 10.0 |
| redhat | enterprise_linux | 2.1 |
| mozilla | thunderbird | 0.7.1 |
| redhat | linux_advanced_workstation | 2.1 |
| suse | suse_linux | 1.0 |
| suse | suse_linux | 8 |
| mozilla | thunderbird | 0.7 |
| suse | suse_linux | 9.1 |
| suse | suse_linux | 8.1 |
| redhat | enterprise_linux_desktop | 3.0 |
| redhat | enterprise_linux | 3.0 |
| redhat | linux | 7.3 |
| mozilla | mozilla | 1.7 |
| redhat | linux | 9.0 |
| suse | suse_linux | 8.2 |
| suse | suse_linux | 9.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| conectiva | linux | 9.0 |
| mozilla | thunderbird | 0.7.3 |
| redhat | fedora_core | core_1.0 |
| mozilla | mozilla | 1.7.1 |
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| conectiva | linux | 10.0 |
| redhat | enterprise_linux | 2.1 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 0.9.2 |
| redhat | enterprise_linux_desktop | 3.0 |
| redhat | enterprise_linux | 3.0 |
| redhat | linux | 7.3 |
| mozilla | mozilla | 1.7 |
| redhat | linux | 9.0 |
| conectiva | linux | 9.0 |
| redhat | fedora_core | core_1.0 |
| netscape | navigator | 7.0 |
| mozilla | mozilla | 1.7.1 |
| netscape | navigator | 7.2 |
| redhat | linux_advanced_workstation | 2.1 |
| netscape | navigator | 7.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | firefox | 0.9 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.9.3 |
| netscape | navigator | 7.0.2 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| conectiva | linux | 10.0 |
| redhat | enterprise_linux | 2.1 |
| suse | suse_linux | 1.0 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 1.3.1 |
| mozilla | firefox | 0.9.2 |
| redhat | enterprise_linux_desktop | 3.0 |
| redhat | enterprise_linux | 3.0 |
| redhat | linux | 7.3 |
| mozilla | mozilla | 1.7 |
| redhat | linux | 9.0 |
| suse | suse_linux | 8.2 |
| mozilla | mozilla | 1.2.1 |
| conectiva | linux | 9.0 |
| redhat | fedora_core | core_1.0 |
| netscape | navigator | 7.0 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| netscape | navigator | 7.2 |
| redhat | linux_advanced_workstation | 2.1 |
| mozilla | mozilla | 1.0.1 |
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.6 |
| suse | suse_linux | 8 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.0.2 |
| suse | suse_linux | 9.1 |
| mozilla | firefox | 0.9 |
| suse | suse_linux | 8.1 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| suse | suse_linux | 9.0 |
| netscape | navigator | 7.0.2 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.4.2 |
The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | thunderbird | 0.5 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.2.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | thunderbird | 0.7 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | thunderbird | 0.3 |
| mozilla | mozilla | 0.9.4 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | mozilla | 1.4.2 |
The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | thunderbird | 0.5 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.2.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | thunderbird | 0.7 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | thunderbird | 0.3 |
| mozilla | mozilla | 0.9.4 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | mozilla | 1.4.2 |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | thunderbird | 0.5 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.2.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | thunderbird | 0.7 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | thunderbird | 0.3 |
| mozilla | mozilla | 0.9.4 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | mozilla | 1.4.2 |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | thunderbird | 0.5 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.2.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | thunderbird | 0.7 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | thunderbird | 0.3 |
| mozilla | mozilla | 0.9.4 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | mozilla | 1.4.2 |
Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.16.4 |
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | mozilla | 1.3.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.2.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | mozilla | 0.9.4 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.4.2 |
Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.6 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | * |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | * |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | thunderbird | 0.4 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| firebirdsql | firebird | 0.7 |
| mozilla | thunderbird | 0.5 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.2.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | thunderbird | 0.3 |
| mozilla | mozilla | 0.9.4 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.4.2 |
Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.7 |
Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.2.1 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | mozilla | 0.9.4 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.4.2 |
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.3 |
| redhat | enterprise_linux | 2.1 |
| mozilla | mozilla | 1.1 |
| sgi | propack | 3.0 |
| mozilla | mozilla | 1.3.1 |
| redhat | enterprise_linux_desktop | 3.0 |
| redhat | enterprise_linux | 3.0 |
| redhat | linux | 7.3 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 1.7 |
| redhat | linux | 9.0 |
| mozilla | mozilla | 1.2.1 |
| redhat | fedora_core | core_1.0 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 1.7.3 |
| redhat | linux_advanced_workstation | 2.1 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 1.6 |
| redhat | fedora_core | core_2.0 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 1.8 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.4.2 |
Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 1.3.1 |
| mozilla | mozilla | 1.8 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.2.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.4.2 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
process_bug.cgi in Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS does not check edit permissions on the keywords field, which allows remote authenticated users to modify the keywords in a bug via the keywordaction parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.17.6 |
show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.17.6 |
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.2 |
| netscape | navigator | 7.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.2 |
Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 1.7.1 |
Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner decision.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.1 |
Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | - |
| opera | opera_browser | - |
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.1 |
| mozilla | firefox | 0.9.2 |
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | mozilla | 1.3.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.7 |
| mozilla | mozilla | 1.2.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | * |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.2 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 0.8 |
| mozilla | mozilla | 0.9.4 |
| mozilla | mozilla | 1.8 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.4.2 |
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.1 |
| mozilla | firefox | 0.9.2 |
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.1 |
| mozilla | firefox | 0.9.2 |
Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.1 |
| mozilla | firefox | 0.9.2 |
Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is installed on the user's system. NOTE: since the invocation between multiple products is a common practice, and the vulnerabilities inherent in multi-product interactions are not easily enumerable, this issue might be REJECTED in the future.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 0.7 |
Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 1.7.3 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | mozilla | 1.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attackers to execute arbitrary code.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
Mozilla 1.6 and possibly other versions allows remote attackers to cause a denial of service (application crash) via a XBM (X BitMap) file with a large (1) height or (2) width value.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.6 |
Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser, aka "firedragging."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0 |
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0 |
Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing."
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0 |
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| opera | opera_browser | * |
| mozilla | camino | 0.8.5 |
| mozilla | firefox | 1.0 |
| omnigroup | omniweb | 5 |
| opera_software | opera_web_browser | 7.54 |
The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| gnome | epiphany | * |
| opera | opera_browser | * |
| mozilla | camino | 0.8.5 |
| omnigroup | omniweb | 5 |
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | mozilla | 1.7.3 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 0.2 |
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 0.8 |
| mozilla | mozilla | 1.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | firefox | 0.10.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0 |
Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 0.8 |
| mozilla | mozilla | 1.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | firefox | 0.10.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing."
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| netscape | navigator | 7.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | mozilla | 1.7.6 |
Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| netscape | navigator | 7.2 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| netscape | navigator | 7.2 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 0.9.2 |
The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution when combined with CVE-2005-1477.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as CVE-2005-1476, as demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.3 |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL in a view-source: URL, (2) a javascript: URL in a jar: URL, or (3) "a nested variant."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | * |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.7 |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to "enter bugs into products that are closed for bug entry" by modifying the URL to specify the name of the product.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.17.6 |
Bugzilla 2.17.1 through 2.18, 2.19.1, and 2.19.2, when a user is prompted to log in while attempting to view a chart, displays the password in the URL, which may allow local users to gain sensitive information from web logs or browser history.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.17.6 |
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0 |
| mozilla | firefox | 0.10.1 |
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0 |
| mozilla | firefox | 0.10.1 |
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2004-0718.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7.7 |
Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | camino | 0.8.4 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 1.0.4 |
The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to 2.18.1 and 2.19.1 to 2.19.3 do not verify that the flag ID is appropriate for the given bug or attachment ID, which allows users to change flags on arbitrary bugs and obtain a bug summary via process_bug.cgi.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.1 |
Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.1 |
The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be performed manually by the user.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | thunderbird | 0.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla | 1.7.7 |
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0.4 |
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing").
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | mozilla | 1.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7.7 |
run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.5.0.9 |
Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.0.5 |
Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0 |
Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.10 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.10 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.10 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.10 |
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.10 |
Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.10 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.10 |
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.0.5 |
Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | mozilla | 1.7.10 |
Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.0.5 |
Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows remote attackers to obtain sensitive information such as the list of installed products via the config.cgi file, which is accessible even when the requirelogin parameter is set.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.18.1 |
Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.19.3 |
The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not notify users when it cannot establish a secure channel with the server, which allows remote attackers to obtain authentication information without detection via a man-in-the-middle (MITM) attack that bypasses TLS authentication or downgrades CRAM-MD5 authentication to plain authentication.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 1.0.7 |
Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | * |
| k-meleon_project | k-meleon | 0.8 |
| k-meleon_project | k-meleon | 0.8.1 |
| mozilla | firefox | * |
| netscape | navigator | 7.2 |
| netscape | navigator | 7.1 |
| k-meleon_project | k-meleon | 0.7 |
| k-meleon_project | k-meleon | 0.8.2 |
| k-meleon_project | k-meleon | * |
| k-meleon_project | k-meleon | 0.7_service_pack_1 |
| mozilla | mozilla_suite | * |
The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 2.16.4 |
Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.2.1 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.7.10 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.4.4 |
| mozilla | mozilla | 0.9.3 |
| mozilla | mozilla | 1.2.1 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | m16 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | m15 |
| mozilla | firefox | 1.0.1 |
| mozilla | mozilla | 1.7.9 |
| mozilla | mozilla | 0.8 |
| mozilla | mozilla | 0.9.4 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 0.9.35 |
| mozilla | mozilla | 1.2 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 0.9.7 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 0.9.48 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla | 1.3.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.0 |
| mozilla | firefox | preview_release |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| mozilla | mozilla | 0.9.2 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.0.2 |
| mozilla | mozilla | 1.8 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.11 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.4 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.4.2 |
| mozilla | mozilla | 1.7.12 |
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.0.7 |
Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | preview_release |
| mozilla | mozilla | 1.7.3 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9 |
| mozilla | thunderbird | 0.8 |
| mozilla | mozilla | 1.7.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.9.3 |
| mozilla | mozilla | 1.7.4 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 0.10.1 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 0.10 |
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web server that hosts this object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.7.8 |
GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by Thunderbird, along with an inconsistent Content-Type header, which could be used to trick a user into downloading dangerous content by dragging or saving the attachment.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5 |
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | mozilla | 1.4.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.5 |
The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5 |
Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.5 |
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.5 |
The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.5 |
Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding (Cascading Style Sheets) CSS property, which does not require that the style sheet have the same origin as the web page, as demonstrated by the compromise of a large number of LiveJournal accounts.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | mozilla | 1.7.3 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla | 1.7.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | mozilla | 1.7.8 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | mozilla | 1.7.6 |
| mozilla | mozilla | 1.7.11 |
| mozilla | mozilla | 1.7.5 |
| mozilla | firefox | 1.0.3 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | mozilla | 1.7.12 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.7 |
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.0.1 |
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | * |
Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.5 |
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.0.1 |
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whinedays parameter, as accessible from editparams.cgi.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 2.18.4 |
Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 2.18.4 |
Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxattachmentsize parameters in attachment.cgi, which allows remote attackers to trigger a SQL error.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.16.10 |
Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.21.2 |
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.5 |
Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which triggers the crash when the user views the page source. NOTE: Red Hat has disputed this issue, suggesting that "It is likely the reporter was running the IE Tab extension," and Mozilla also confirmed that this is not an issue in Firefox itself
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.0.7 |
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.0.1 |
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 3.1 |
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 3.1 |
Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: a followup was unable to replicate this issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.1 |
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.0.1 |
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 3.1 |
| mozilla | mozilla_suite | * |
Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes certain windows to become translucent due to an interaction between XUL content windows and the history mechanism, which might allow user-assisted remote attackers to trick users into executing arbitrary code.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.0.1 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview".
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 5.10 |
| canonical | ubuntu_linux | 5.04 |
| canonical | ubuntu_linux | 4.10 |
| mozilla | mozilla_suite | * |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 5.10 |
| canonical | ubuntu_linux | 5.04 |
| canonical | ubuntu_linux | 4.10 |
| mozilla | mozilla_suite | * |
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 5.10 |
| canonical | ubuntu_linux | 5.04 |
| canonical | ubuntu_linux | 4.10 |
| mozilla | mozilla_suite | * |
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.12 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS) attacks via unspecified vectors involving the window.controllers array.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.0.1 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute arbitrary code via the (1) valueOf.call or (2) valueOf.apply methods of an XBL binding, or (3) "by inserting an XBL method into the DOM's document.body prototype chain."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal function.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to trick users into downloading and saving an executable file via an image that is overlaid by a transparent image link that points to the executable, which causes the executable to be saved when the user clicks the "Save image as..." option. NOTE: this attack is made easier due to a GUI truncation issue that prevents the user from seeing the malicious extension when there is extra whitespace in the filename.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.12 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.12 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | mozilla_suite | 1.7.12 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection".
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 5.10 |
| canonical | ubuntu_linux | 5.04 |
| canonical | ubuntu_linux | 4.10 |
| mozilla | mozilla_suite | * |
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | mozilla_suite | 1.7.7 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | mozilla_suite | 1.7.6 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | mozilla_suite | * |
| mozilla | mozilla_suite | 1.7.8 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | mozilla_suite | 1.7.11 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | mozilla_suite | 1.7.10 |
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.7 |
Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service (null dereference and application crash or hang) via HTML with certain improperly nested elements. NOTE: this might be the same issue as CVE-2006-1724.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | camino | 0.8.4 |
| mozilla | camino | 0.9 |
| mozilla | camino | 0.4 |
| mozilla | camino | 0.6 |
| mozilla | camino | 0.8.2 |
| mozilla | camino | 0.3 |
| mozilla | camino | 1.0 |
| mozilla | camino | 0.5 |
| mozilla | camino | 0.7 |
| mozilla | camino | 0.8.1 |
| mozilla | camino | 0.1 |
| mozilla | camino | 0.8 |
| mozilla | camino | 0.2 |
| mozilla | camino | 0.8.3 |
Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 8.1 |
| netscape | navigator | 7.2 |
| netscape | navigator | 8.0.40 |
| k-meleon_project | k-meleon | 0.9.13 |
| mozilla | firefox | 1.5.0.2 |
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.2 |
Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-88,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.3 |
Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows remote attackers to conduct cross-site scripting (XSS) attacks via a title element with HTML encoded sequences such as ">", which are automatically decoded by some RSS readers. NOTE: this issue is not in Bugzilla itself, but rather due to design or documentation inconsistencies within RSS, or implementation vulnerabilities in RSS readers. While this issue normally would not be included in CVE, it is being identified since the Bugzilla developers have addressed it.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.21.1 |
IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-party researchers claim that they are unable to reproduce this vulnerability.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ie_tab | ie_tab | 1.0.9 |
| mozilla | firefox | 1.5.0.3 |
Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.1 |
| netscape | navigator | 8.1 |
| netscape | navigator | 7.2 |
| mozilla | mozilla_suite | 1.7.13 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 1.5.0.3 |
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0 |
Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 0.8 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10.1 |
| mozilla | thunderbird | 0.2 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.9.3 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | * |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | * |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.0.6 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 1.0.4 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.0.1 |
Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | * |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | mozilla_suite | 1.7.13 |
| mozilla | seamonkey | 1.0.2 |
Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0 |
Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 1.5.0.3 |
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| netscape | navigator | 8.1 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0 |
| k-meleon_project | k-meleon | 1.0.1 |
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | network_security_services | * |
Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server, by hosting script on an Internet web server that can be made inaccessible by the attacker and that has a domain name under the attacker's control, which can force the browser to drop DNS pinning and perform a new DNS query for the domain name after the script is already running.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.6 |
Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript. NOTE: the vendor and original researchers have released a follow-up comment disputing the severity of this issue, in which the researcher states that "we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this... I have not succeeded in making this code do anything more than cause a crash and eat up system resources"
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.5.7 |
Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | preview_release |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.5.7 |
Firefox 1.5.0.7 on Kubuntu Linux allows remote attackers to cause a denial of service (crash) via a long URL in an A tag. NOTE: this issue has been disputed by several vendors, who could not reproduce the report. In addition, the scope of the impact - system freeze - suggests an issue that is not related to Firefox. Due to this impact, CVE concurs with the dispute
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.7 |
The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-835,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 4.0 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 6.06 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 6.10 |
| canonical | ubuntu_linux | 5.10 |
| debian | debian_linux | 3.1 |
Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0.0.1 |
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.0.99 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1 |
Mozilla Firefox 2.0.0.4 allows remote attackers to cause a denial of service by opening multiple tabs in a popup window. NOTE: this issue has been disputed by third party researchers, stating that "this does not crash on me, and I can't see a likely mechanism of action that would lead to a DoS condition.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0.0.4 |
Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | firefox | 2.0.0.5 |
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protection schemes by setting window.location and using a modal alert dialog that causes the wrong Referer to be sent.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | * |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 1.5.7 |
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) "zero-length non-ASCII sequences" in certain Asian character sets.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | * |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1 |
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 0.9_rc |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | * |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 1.5.7 |
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 1.0.8 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 0.9_rc |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 1.1.8 |
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other consequences.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.1 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | seamonkey | 1.1 |
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 4.0 |
| canonical | ubuntu_linux | 8.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 6.06 |
| canonical | ubuntu_linux | 8.10 |
| canonical | ubuntu_linux | 7.10 |
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_debuginfo | 10 |
| debian | debian_linux | 4.0 |
| canonical | ubuntu_linux | 8.04 |
| canonical | ubuntu_linux | 6.06 |
| suse | linux_enterprise_software_development_kit | 10 |
| suse | linux_enterprise_server | 9 |
| opensuse | opensuse | 10.2 |
| canonical | ubuntu_linux | 8.10 |
| novell | open_enterprise_server | - |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| opensuse | opensuse | 10.3 |
| fedoraproject | fedora | 8 |
| novell | linux_desktop | 9 |
| canonical | ubuntu_linux | 7.10 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| fedoraproject | fedora | 9 |
| opensuse | opensuse | 11.0 |
Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | * |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 2.0.0.4 |
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 4.0 |
| canonical | ubuntu_linux | 8.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 6.06 |
| debian | debian_linux | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 8.10 |
| canonical | ubuntu_linux | 7.10 |
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 4.0 |
| canonical | ubuntu_linux | 8.04 |
| mozilla | firefox | * |
| debian | debian_linux | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 8.10 |
| canonical | ubuntu_linux | 7.10 |
Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.20.2 |
Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.0.1 |
Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 2.0_.10 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 2.0_.7 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0_.5 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0_.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 0.9_rc |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 2.0_.9 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | * |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 2.0_.4 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 2.0_.6 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 2.0_8 |
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-401,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.1 |
| sun | openjdk | * |
| gimp | gimp | * |
| littlecms | little_cms | * |
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.1 |
| sun | openjdk | * |
| gimp | gimp | * |
| littlecms | little_cms | * |
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.1 |
| sun | openjdk | * |
| gimp | gimp | * |
| littlecms | little_cms | * |
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 1.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 2.0_.10 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | * |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 2.0_.7 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0_.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0_.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 0.9_rc |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 2.0_.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | * |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0beta5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 2.0_.4 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 2.0_.6 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 2.0.0.21 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 2.0_8 |
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.0.9 |
Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 5.0 |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_eus | 5.3 |
| redhat | enterprise_linux_desktop | 4.0 |
| redhat | enterprise_linux_workstation | 4.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_aus | 5.3 |
| redhat | enterprise_linux | 4.0 |
| fedoraproject | fedora | 10 |
| redhat | enterprise_linux_eus | 4.8 |
| redhat | enterprise_linux_server | 4.0 |
| fedoraproject | fedora | 9 |
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 8.04 |
| debian | debian_linux | 5.0 |
| suse | linux_enterprise_server | 9 |
| canonical | ubuntu_linux | 8.10 |
| opensuse | opensuse | * |
| canonical | ubuntu_linux | 9.04 |
| mozilla | network_security_services | * |
| suse | linux_enterprise | 11.0 |
| suse | linux_enterprise | 10.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| gnu | gnutls | 1.1.15 |
| gnu | gnutls | 2.4.0 |
| gnu | gnutls | 2.6.0 |
| gnu | gnutls | 1.0.17 |
| gnu | gnutls | 2.3.3 |
| gnu | gnutls | 1.5.4 |
| gnu | gnutls | 1.7.13 |
| mozilla | nss | 3.11.7 |
| gnu | gnutls | 1.7.16 |
| gnu | gnutls | 1.3.4 |
| gnu | gnutls | 1.7.0 |
| gnu | gnutls | 2.0.2 |
| gnu | gnutls | 1.5.5 |
| openssl | openssl | 0.9.8j |
| mozilla | nss | 3.11.8 |
| gnu | gnutls | 2.5.0 |
| mozilla | nss | 3.4 |
| gnu | gnutls | 1.7.2 |
| gnu | gnutls | 2.3.7 |
| gnu | gnutls | 2.1.2 |
| gnu | gnutls | 2.1.6 |
| mozilla | nss | 3.12.1 |
| gnu | gnutls | 1.7.17 |
| gnu | gnutls | 1.7.6 |
| gnu | gnutls | 1.1.13 |
| gnu | gnutls | 1.2.1 |
| gnu | gnutls | 2.1.3 |
| gnu | gnutls | 1.4.0 |
| gnu | gnutls | 1.7.3 |
| gnu | gnutls | 1.7.11 |
| gnu | gnutls | 2.0.1 |
| mozilla | nss | 3.2 |
| gnu | gnutls | 1.2.6 |
| gnu | gnutls | 1.3.5 |
| gnu | gnutls | 2.3.10 |
| gnu | gnutls | 2.3.11 |
| mozilla | nss | 3.3.1 |
| gnu | gnutls | 1.3.1 |
| gnu | gnutls | 1.0.24 |
| gnu | gnutls | 1.1.19 |
| gnu | gnutls | 1.4.2 |
| gnu | gnutls | 1.0.23 |
| gnu | gnutls | 1.5.2 |
| gnu | gnutls | 1.7.9 |
| gnu | gnutls | 2.2.5 |
| mozilla | nss | * |
| gnu | gnutls | 1.2.8 |
| gnu | gnutls | 2.0.0 |
| gnu | gnutls | 2.6.2 |
| gnu | gnutls | 1.7.7 |
| mozilla | nss | 3.4.3 |
| gnu | gnutls | 2.1.8 |
| mozilla | nss | 3.5 |
| gnu | gnutls | 2.0.3 |
| gnu | gnutls | 2.3.4 |
| gnu | gnutls | 1.5.3 |
| gnu | gnutls | 1.0.20 |
| mozilla | nss | 3.10 |
| gnu | gnutls | 2.7.4 |
| gnu | gnutls | 2.1.4 |
| gnu | gnutls | 2.4.1 |
| gnu | gnutls | 2.2.3 |
| gnu | gnutls | 2.2.1 |
| gnu | gnutls | 1.1.14 |
| mozilla | nss | 3.3 |
| gnu | gnutls | 1.7.8 |
| openssl | openssl | 0.9.8k |
| mozilla | nss | 3.9 |
| gnu | gnutls | 1.1.17 |
| gnu | gnutls | 2.1.0 |
| gnu | gnutls | 2.3.9 |
| gnu | gnutls | 2.1.5 |
| mozilla | nss | 3.7.3 |
| gnu | gnutls | 1.4.3 |
| gnu | gnutls | 1.0.25 |
| mozilla | nss | 3.4.1 |
| mozilla | nss | 3.11.2 |
| gnu | gnutls | 2.2.2 |
| mozilla | nss | 3.9.5 |
| gnu | gnutls | 1.7.19 |
| gnu | gnutls | 2.3.6 |
| gnu | gnutls | 2.1.7 |
| mozilla | nss | 3.0 |
| mozilla | nss | 3.7.7 |
| gnu | gnutls | 1.6.3 |
| mozilla | nss | 3.8 |
| mozilla | nss | 3.3.2 |
| mozilla | nss | 3.7 |
| gnu | gnutls | 1.7.15 |
| mozilla | nss | 3.7.1 |
| mozilla | nss | 3.7.2 |
| gnu | gnutls | 1.0.18 |
| gnu | gnutls | 1.7.10 |
| gnu | gnutls | 2.3.5 |
| gnu | gnutls | 1.7.1 |
| gnu | gnutls | 1.0.22 |
| gnu | gnutls | 1.2.5 |
| gnu | gnutls | 1.2.2 |
| gnu | gnutls | 1.3.0 |
| mozilla | network_security_services | * |
| gnu | gnutls | 1.2.3 |
| gnu | gnutls | 1.3.3 |
| mozilla | nss | 3.6 |
| gnu | gnutls | 1.1.21 |
| gnu | gnutls | 2.4.2 |
| gnu | gnutls | 2.3.0 |
| gnu | gnutls | 1.3.2 |
| gnu | gnutls | 1.5.1 |
| openssl | openssl | 0.9.8a |
| gnu | gnutls | 1.0.19 |
| gnu | gnutls | 1.2.11 |
| openssl | openssl | 0.9.8c |
| openssl | openssl | 0.9.8f |
| mozilla | nss | 3.7.5 |
| gnu | gnutls | 1.2.9 |
| openssl | openssl | 0.9.8e |
| gnu | gnutls | 1.4.1 |
| openssl | openssl | 0.9.8d |
| openssl | openssl | 0.9.8g |
| gnu | gnutls | 1.1.22 |
| gnu | gnutls | 1.4.4 |
| gnu | gnutls | 2.1.1 |
| gnu | gnutls | 2.2.0 |
| openssl | openssl | 0.9.8h |
| mozilla | nss | 3.2.1 |
| gnu | gnutls | 1.2.0 |
| gnu | gnutls | 1.7.12 |
| gnu | gnutls | 1.1.16 |
| gnu | gnutls | 1.0.16 |
| gnu | gnutls | 1.5.0 |
| gnu | gnutls | 2.3.1 |
| openssl | openssl | 0.9.8i |
| gnu | gnutls | 1.1.20 |
| mozilla | nss | 3.6.1 |
| gnu | gnutls | 1.0.21 |
| gnu | gnutls | 1.7.14 |
| mozilla | firefox | * |
| gnu | gnutls | 1.2.7 |
| mozilla | nss | 3.11.4 |
| gnu | gnutls | 1.7.4 |
| gnu | gnutls | 1.6.2 |
| gnu | gnutls | 1.1.18 |
| gnu | gnutls | 1.6.1 |
| gnu | gnutls | 1.2.4 |
| gnu | gnutls | 1.4.5 |
| gnu | gnutls | 1.6.0 |
| gnu | gnutls | 1.2.10 |
| gnu | gnutls | 2.2.4 |
| openssl | openssl | 0.9.8b |
| gnu | gnutls | 1.1.23 |
| gnu | gnutls | 1.2.8.1a1 |
| gnu | gnutls | 2.3.8 |
| gnu | gnutls | * |
| gnu | gnutls | 2.6.1 |
| mozilla | nss | 3.4.2 |
| mozilla | nss | 3.12 |
| openssl | openssl | * |
| gnu | gnutls | 1.7.5 |
| openssl | openssl | 0.9.8 |
| gnu | gnutls | 2.0.4 |
| gnu | gnutls | 2.3.2 |
| gnu | gnutls | 1.7.18 |
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNativeParent and js_LockGCThingRT.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header. NOTE: in some product versions, the JavaScript executes outside of the context of the HTTP site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | * |
| mozilla | firefox | * |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.7 |
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third party information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content, which allows user-assisted remote attackers to obtain sensitive information via crafted content in an IFRAME element in an HTML e-mail message, as demonstrated by a Flash object that sends arbitrary local files during a reply or forward operation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.3.4 |
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| debian | debian_linux | 4.0 |
| canonical | ubuntu_linux | 8.04 |
| debian | debian_linux | 5.0 |
| apache | http_server | * |
| canonical | ubuntu_linux | 8.10 |
| gnu | gnutls | * |
| canonical | ubuntu_linux | 9.04 |
| fedoraproject | fedora | 11 |
| canonical | ubuntu_linux | 9.10 |
| openssl | openssl | * |
| canonical | ubuntu_linux | 10.10 |
| debian | debian_linux | 7.0 |
| fedoraproject | fedora | 14 |
| f5 | nginx | * |
| debian | debian_linux | 8.0 |
| mozilla | nss | * |
| openssl | openssl | 1.0 |
| fedoraproject | fedora | 12 |
| fedoraproject | fedora | 13 |
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3.5.x before 3.5.3 does not block access to files and directories that are used by custom installations, which allows remote attackers to obtain sensitive information via requests for (1) CVS/, (2) contrib/, (3) docs/en/xml/, (4) t/, or (5) old-params.txt.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other applications, performs DNS prefetching even when the app type is APP_TYPE_MAIL or APP_TYPE_EDITOR, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests, as demonstrated by DNS requests triggered by reading text/plain e-mail messages in Thunderbird.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | * |
| mozilla | thunderbird | 3.0.1 |
Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests. NOTE: the vendor disputes the significance of this issue, stating "I don't think we necessarily need to worry about that case."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 3.6 |
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 8.04 |
| mozilla | firefox | * |
| debian | debian_linux | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 8.10 |
| canonical | ubuntu_linux | 9.04 |
| canonical | ubuntu_linux | 9.10 |
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving SVG and the EMBED element, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via an embedded SVG document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6 |
The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6 |
The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6 |
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | firefox | 3.0.13 |
| mozilla | thunderbird | 2.0.0.19 |
The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser's add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.6 |
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser's font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | firefox | 3.0.13 |
| mozilla | thunderbird | 2.0.0.19 |
Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6 |
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | firefox | 3.0.13 |
| mozilla | thunderbird | 2.0.0.19 |
toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.5.2 |
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.7 |
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.6.2 |
Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 3.5.1 |
The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.2 |
Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart search."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| canonical | ubuntu_linux | 8.04 |
| canonical | ubuntu_linux | 6.06 |
| debian | debian_linux | 5.0 |
| apple | safari | * |
| apple | mac_os_x_server | * |
| opensuse | opensuse | 11.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| vmware | workstation | * |
| opensuse | opensuse | 11.1 |
| vmware | player | * |
| apple | mac_os_x | * |
| suse | linux_enterprise_server | 11 |
| fedoraproject | fedora | 13 |
| suse | linux_enterprise_server | 9 |
| chrome | * | |
| libpng | libpng | * |
| apple | iphone_os | * |
| canonical | ubuntu_linux | 9.04 |
| canonical | ubuntu_linux | 9.10 |
| apple | itunes | * |
| suse | linux_enterprise_server | 10 |
| fedoraproject | fedora | 12 |
The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is currently loading, which allows (1) remote web servers to conduct spoofing attacks via vectors involving a 204 (aka No Content) status code, and allows (2) remote attackers to conduct spoofing attacks via vectors involving a window.stop call.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.6.4 |
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.6.1 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 3.0.19 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 3.2 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.1 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 2.0.0.21 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) propagation of deep aborts in the TraceRecorder::record_JSOP_BINDNAME function, (2) depth handling in the TraceRecorder::record_JSOP_GETELEM function, and (3) tracing of out-of-range arguments in the TraceRecorder::record_JSOP_ARGSUB function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.6.6 |
The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object from the chrome scope."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.6.6 |
The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption and application crash) via JavaScript code that creates multiple arrays containing elements with long string values, and then appends long strings to the content of a P element, related to the gfxWindowsFontGroup::MakeTextRun function in xul.dll, a different vulnerability than CVE-2009-1571.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.3 |
Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.3 |
Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.3 |
Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.5.9 |
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.5.2 |
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 11.2 |
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| opensuse | opensuse | 11.3 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| opensuse | opensuse | 11.1 |
| mozilla | thunderbird | 3.1 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.7 |
Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote attackers to guess product names via unspecified use of the (1) Reports or (2) Duplicates page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 3.2.6 |
Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a "dangling pointer vulnerability." NOTE: this issue exists because of an incomplete fix for CVE-2010-2753.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.1.2 |
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted font in a data: URL.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 0.7 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Windows XP allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .htm, .html, .jtx, .mfp, or .eml file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-5913.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.6 |
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted URL.
CVSS 2.0
Severity: LOW
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.5.12 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.6.6 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2010-3171.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.6 |
The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-force attack, a different vulnerability than CVE-2008-5913.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.9 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 3.5.13 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 0.7 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3) x-mac-hebrew characters that may be converted to angle brackets during rendering.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.6.6 |
Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 0.6 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 4.0 |
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the URL (aka bug_file_loc) field.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to arbitrary accounts via unspecified vectors, related to an insufficient number of calls to the srand function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 3.7.3 |
Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 3.7.3 |
CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the query string, a different vulnerability than CVE-2010-2761 and CVE-2010-4411.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 3.0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1) adding a saved search in buglist.cgi, (2) voting in votes.cgi, (3) sanity checking in sanitycheck.cgi, (4) creating or editing a chart in chart.cgi, (5) column changing in colchange.cgi, and (6) adding, deleting, or approving a quip in quips.cgi.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: URI in the URL (aka bug_file_loc) field, which allows remote attackers to conduct cross-site scripting (XSS) attacks against logged-out users via a crafted URI.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an "upvarMap" issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an "atom map" issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.6.6 |
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| gnome | pango | 1.28.3 |
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 4.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.9 |
The X.509 certificate validation functionality in Mozilla Firefox 4.0.x through 4.0.1 does not properly implement single-session security exceptions, which might make it easier for user-assisted remote attackers to spoof an SSL server via an untrusted certificate that triggers potentially unwanted local caching of documents from that server.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 4.0 |
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| chrome | * |
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome | * | |
| mozilla | firefox | 4.0 |
The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1, and SeaMonkey before 2.0.14, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 3.6.15 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | gecko | 1.7 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | gecko | 1.8 |
| mozilla | gecko | 1.9.2 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | gecko | 1.8.1 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | gecko | * |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | gecko | 1.9 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | gecko | 1.9.1 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.0.13 |
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service (application crash), via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 4.0 |
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 4.0 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 4.0.1 allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 4.0 |
Mozilla Firefox before 5.0 does not properly enforce the whitelist for the xpinstall functionality, which allows remote attackers to trigger an installation dialog for a (1) add-on or (2) theme via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
The WebGL implementation in Mozilla Firefox 4.x allows remote attackers to obtain screenshots of the windows of arbitrary desktop applications via vectors involving an SVG filter, an IFRAME element, and uninitialized data in graphics memory.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 4.0 |
CRLF injection vulnerability in the nsCookieService::SetCookieStringInternal function in netwerk/cookie/nsCookieService.cpp in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allows remote attackers to bypass intended access restrictions via a string containing a \n (newline) character, which is not properly handled in a JavaScript "document.cookie =" expression, a different vulnerability than CVE-2011-2374.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | firefox | 3.5.15 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 3.6.2 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.1.2 |
Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail change notifications, which makes it easier for remote attackers to perform arbitrary address changes by leveraging an unattended workstation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756 regression.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 4.1.2 |
Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 3.1.8 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-16,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.0.14 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | seamonkey | 2.5 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 3.5.16 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 3.5.18 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 1.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 3.5.19 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.6.15 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.8 |
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 0.3 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.0.8 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 3.6.6 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 3.6.6 |
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a memory-allocation error and a resulting buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey before 2.4 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-682,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| chrome | * | |
| mozilla | thunderbird_esr | * |
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| chrome | * | |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, and SeaMonkey before 2.4, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 2.0_8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | thunderbird | 2.0_.5 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 2.0_.6 |
| mozilla | thunderbird | 2.0_.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 3.6 |
| mozilla | thunderbird | 2.0_.13 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | thunderbird | 2.0_.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 3.6.21 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | firefox | 3.6.19 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 2.0_.12 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 2.0_.4 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 3.6.9 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-326,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| debian | debian_linux | 5.0 |
| chrome | - | |
| haxx | curl | * |
| siemens | simatic_rf68xr_firmware | * |
| canonical | ubuntu_linux | 11.04 |
| opera | opera_browser | - |
| redhat | enterprise_linux_eus | 6.2 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_server_aus | 6.2 |
| redhat | enterprise_linux_workstation | 5.0 |
| canonical | ubuntu_linux | 10.10 |
| microsoft | internet_explorer | - |
| redhat | enterprise_linux_desktop | 5.0 |
| canonical | ubuntu_linux | 11.10 |
| siemens | simatic_rf615r_firmware | * |
| redhat | enterprise_linux_workstation | 6.0 |
| microsoft | windows | - |
| mozilla | firefox | - |
| redhat | enterprise_linux_server | 6.0 |
The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.0.13 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE: this issue exists because of a CVE-2011-2986 regression.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 7.0 |
| mozilla | firefox | 7.0 |
Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 7.0 |
| mozilla | firefox | 7.0 |
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.6.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 0.1 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 6.0.2 |
| mozilla | thunderbird | 6.0.2 |
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when debug mode is used, allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) tabular report, (2) graphical report, or (3) new chart.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | thunderbird | 8.0 |
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| suse | linux_enterprise_software_development_kit | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| opensuse | opensuse | 11.4 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | firefox | 0.7 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 0.4 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files to be executable files, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted file. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-2372 on Mac OS X.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | firefox | 0.10 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | firefox | 0.7 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 3.0.13 |
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote attackers to create user accounts by leveraging a token contained in an e-mail message.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that upload attachments.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | thunderbird | 0.1 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | thunderbird | 0.3 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | thunderbird | 0.7.3 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 0.7 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | thunderbird | 0.5 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 0.8 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | thunderbird | 0.6 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 0.4 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 0.9 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 1.0.2 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | firefox | 0.9.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | seamonkey | 2. |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 0.2 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | firefox | 0.9 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 0.4 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | seamonkey | 1.0.99 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.0a1pre |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 2.0a1 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion data events, which makes it easier for remote attackers to read keystrokes by leveraging JavaScript code running in a background tab.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Mozilla Firefox 8.0.1 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 8.0 |
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-1473. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.4.2 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.9 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | network_security_services | 3.7.7 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.11.5 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | network_security_services | 3.5 |
| mozilla | network_security_services | 3.11.3 |
| mozilla | network_security_services | 3.3.2 |
| mozilla | network_security_services | 3.11.2 |
| mozilla | network_security_services | 3.7.2 |
| mozilla | network_security_services | 3.11.4 |
| mozilla | network_security_services | 3.7.5 |
| mozilla | network_security_services | 3.7 |
| mozilla | network_security_services | 3.6.1 |
| mozilla | network_security_services | 3.8 |
| mozilla | network_security_services | 3.4 |
| mozilla | network_security_services | 3.6 |
| mozilla | network_security_services | 3.3.1 |
| mozilla | network_security_services | 3.7.3 |
Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.6.7 |
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | network_security_services | 3.12.2 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | network_security_services | 3.12 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | network_security_services | 3.7 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | network_security_services | 3.9 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | network_security_services | 3.7.5 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | network_security_services | 3.7.7 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | network_security_services | 3.11.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | network_security_services | 3.6.1 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | network_security_services | 3.7.3 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | network_security_services | 3.12.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | network_security_services | 3.11.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | network_security_services | 3.3.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | network_security_services | 3.4.2 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.11.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | network_security_services | * |
| mozilla | seamonkey | 1.0.8 |
| mozilla | network_security_services | 3.11.2 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | network_security_services | 3.3.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | network_security_services | 3.8 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | network_security_services | 3.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | network_security_services | 3.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | network_security_services | 3.4 |
| mozilla | network_security_services | 3.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| debian | debian_linux | 5.0 |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 2. |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| debian | debian_linux | 5.0 |
| canonical | ubuntu_linux | 11.04 |
| opensuse | opensuse | 11.4 |
| canonical | ubuntu_linux | 10.10 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 2. |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 does not reject non-ASCII characters in e-mail addresses of new user accounts, which makes it easier for remote authenticated users to spoof other user accounts by choosing a similar e-mail address.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| debian | debian_linux | 5.0 |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox_esr | 10.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox_esr | 10.2 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 10.0 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.7 |
Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in Bugzilla 4.0.2 through 4.0.4 and 4.1.1 through 4.2rc2, when mod_perl is used, allows remote attackers to hijack the authentication of arbitrary users for requests that modify the product's installation via the XML-RPC API.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 4.1.3 |
Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 on 32-bit Windows 7 platforms allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving use of the file-open dialog in a child window, related to the IUnknown_QueryService function in the Windows shlwapi.dll library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox_esr | 10.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox_esr | 10.2 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web page, related to a "DragAndDropJacking" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | firefox_esr | 10.1 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox_esr | 10.2 |
| mozilla | firefox | * |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 7.0 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 6.0.2 |
The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from process memory via vectors that trigger an out-of-bounds read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | firefox | 10.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | - |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to execute arbitrary code via an SVG animation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | firefox | 10.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | - |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict setting the home page through the dragging of a URL to the home button, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a javascript: URL that is later interpreted in the about:sessionrestore context.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | firefox | 10.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | - |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via dynamic modification of a keyframe followed by access to the cssText of the keyframe.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox_esr | 10.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox_esr | 10.2 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a crafted web page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox_esr | 10.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox_esr | 10.2 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | firefox | 10.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | - |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox_esr | 10.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox_esr | 10.2 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 does not check the validity of an instance after event dispatching, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, as demonstrated by Mobile Firefox on Android.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | firefox | 10.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | - |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote attackers to execute arbitrary code via vectors involving an empty argument to the array.join function in conjunction with the triggering of garbage collection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | firefox | 10.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | - |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | seamonkey | 1.1.9 |
Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP header, which allows remote attackers to bypass the lockout policy via a series of authentication requests with (1) different IP address strings in this header or (2) a long string in this header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.6.7 |
template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1 does not properly handle multiple logins, which allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive bug information via a crafted web page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 2.18.7 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to execute arbitrary code via vectors related to crafted IndexedDB data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (invalid gfxImageSurface free operation) or possibly execute arbitrary code by leveraging the use of "different number systems."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict font-rendering attempts, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via vectors related to short-circuited page loads, aka "Universal XSS (UXSS)."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site (1) XMLHttpRequest or (2) WebSocket operation involving a nonstandard port number and an IPv6 address that contains certain zero fields.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ISO-2022-KR or (2) ISO-2022-CN character set.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| freetype | freetype | 2.1.6 |
| freetype | freetype | 2.4.7 |
| freetype | freetype | 2.3.8 |
| freetype | freetype | 1.3.1 |
| freetype | freetype | 2.1.9 |
| freetype | freetype | 2.0.7 |
| freetype | freetype | 2.0.9 |
| freetype | freetype | 2.3.3 |
| freetype | freetype | 2.4.0 |
| freetype | freetype | 2.3.5 |
| mozilla | firefox_mobile | 4.0 |
| freetype | freetype | 2.1.7 |
| freetype | freetype | 2.1.8 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox_mobile | * |
| freetype | freetype | 2.4.6 |
| mozilla | firefox_mobile | 6.0 |
| mozilla | firefox_mobile | 10.0.1 |
| freetype | freetype | 2.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| freetype | freetype | 2.3.0 |
| freetype | freetype | * |
| freetype | freetype | 2.2.0 |
| freetype | freetype | 2.3.6 |
| freetype | freetype | 2.2.1 |
| mozilla | firefox_mobile | 5.0 |
| mozilla | firefox_mobile | 8.0 |
| freetype | freetype | 2.3.4 |
| freetype | freetype | 2.3.10 |
| freetype | freetype | 2.1.3 |
| freetype | freetype | 2.4.1 |
| freetype | freetype | 2.4.2 |
| freetype | freetype | 2.3.12 |
| mozilla | firefox_mobile | 9.0 |
| freetype | freetype | 2.4.3 |
| freetype | freetype | 2.0.6 |
| freetype | freetype | 2.1.10 |
| freetype | freetype | 2.0.8 |
| freetype | freetype | 2.1.4 |
| freetype | freetype | 2.0.3 |
| freetype | freetype | 2.4.5 |
| mozilla | firefox_mobile | 7.0 |
| freetype | freetype | 2.3.1 |
| freetype | freetype | 2.1.5 |
| freetype | freetype | 2.1 |
| freetype | freetype | 2.3.7 |
| freetype | freetype | 2.0.5 |
| mozilla | firefox_mobile | 10.0 |
| freetype | freetype | 2.3.2 |
| mozilla | firefox_mobile | 1.0 |
| freetype | freetype | 2.0.0 |
| mozilla | firefox_mobile | 10.0.2 |
| freetype | freetype | 2.0.2 |
| freetype | freetype | 2.3.11 |
| freetype | freetype | 2.3.9 |
| freetype | freetype | 2.0.4 |
| freetype | freetype | 2.4.4 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| redhat | storage | 2.0 |
| redhat | enterprise_linux_eus | 6.2 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_server_aus | 6.2 |
| redhat | enterprise_linux_workstation | 5.0 |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird_esr | 10.0.4 |
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allow local users to gain privileges by loading a DLL file in a privileged context.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 12.0 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 2.9 |
Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allows local users to gain privileges via a Trojan horse wsock32.dll file in an application directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 12.0 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 2.9 |
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 6.0.2 |
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors involving multiple adoptions and empty documents.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly handle EMBED elements within description elements in RSS feeds, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote attackers to execute arbitrary code via vectors related to focused content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not consider the presence of same-compartment security wrappers (SCSW) during the cross-compartment wrapping of objects, which allows remote attackers to bypass intended XBL access restrictions via crafted content.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values in X-Frame-Options headers, which makes it easier for remote attackers to conduct clickjacking attacks via a FRAME element referencing a web site that produces these duplicate values.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving strings with multiple dependencies.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly restrict the strings placed into the blocked-uri parameter of a violation report, which allows remote web servers to capture OpenID credentials and OAuth 2.0 access tokens by triggering a violation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted clickjacking of the about:certerror page, which allows man-in-the-middle attackers to trick users into adding an unintended exception via an IFRAME element.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 6.0.2 |
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 6.0.2 |
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper privileges via a javascript: URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 7.0.1 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 1.1.9 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not properly mitigate an unspecified flaw in an NVIDIA driver, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a related issue to CVE-2011-3101.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird | 7.0 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | firefox | 5.0 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 4.0 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | firefox | 10.0.3 |
| mozilla | seamonkey | 2.7 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | thunderbird | 12.0 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 9.0 |
| mozilla | thunderbird | 9.0 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 4.0.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | thunderbird | 8.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | seamonkey | 2.4.1 |
Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a negative height value in a BMP image within a .ICO file, related to (1) improper handling of the transparency bitmask by the nsICODecoder component and (2) improper processing of the alpha channel by the nsBMPDecoder component.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via vectors related to deletion of a fragment shader by its accessor.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving movement of a requiredFeatures attribute from one SVG document to another.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based buffer over-read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a root directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | thunderbird | 3.1.18 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | thunderbird | 3.1.19 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass intended content-loading restrictions or possibly have unspecified other impact via vectors involving chrome code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox_mobile | 6.0.2 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox_mobile | 10.0.2 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox_mobile | 10.0.4 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox_mobile | 6.0.1 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox_mobile | 10.0.1 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| android | * | |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox_mobile | 10.0 |
| mozilla | firefox_mobile | 10.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and triggers an eval operation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScreen to enter full-screen mode, and use of the history.back method for backwards history navigation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors, related to the nsIContent::GetNameSpaceID function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass the Same Origin Policy and possibly have unspecified other impact via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an "XrayWrapper pollution" issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 10.0 |
| mozilla | thunderbird | 1.0 |
| mozilla | thunderbird | 5.0 |
| mozilla | firefox | 3.6.10 |
| mozilla | thunderbird | 2.0.0.15 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | thunderbird_esr | 10.0.6 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | thunderbird | 3.1.2 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | thunderbird | 12.0.1 |
| mozilla | thunderbird | 3.1.14 |
| mozilla | thunderbird_esr | 10.0.7 |
| mozilla | thunderbird | 2.0.0.13 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | thunderbird | 2.0.0.23 |
| mozilla | thunderbird | 1.5.0.1 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | thunderbird_esr | 10.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | thunderbird | 7.0.1 |
| mozilla | thunderbird | 2.0 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 3.0.10 |
| mozilla | thunderbird | 1.0.6 |
| mozilla | thunderbird | 3.1.13 |
| mozilla | firefox | 3.6.24 |
| mozilla | thunderbird | 2.0.0.1 |
| mozilla | thunderbird | 10.0.3 |
| mozilla | thunderbird | 1.7.1 |
| mozilla | firefox | 10.0.3 |
| mozilla | thunderbird | 2.0.0.0 |
| mozilla | thunderbird | 2.0.0.6 |
| mozilla | firefox | 1.5.5 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 2.0.0.2 |
| mozilla | thunderbird_esr | 10.0.3 |
| mozilla | thunderbird | 2.0.0.14 |
| mozilla | thunderbird | 2.0.0.19 |
| mozilla | thunderbird | 3.1.9 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | thunderbird | 13.0.1 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | thunderbird | 3.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | thunderbird | 1.0.5 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 12.0 |
| mozilla | thunderbird | 2.0.0.12 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | thunderbird | 1.7.3 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | thunderbird | 9.0 |
| mozilla | thunderbird | 3.1.3 |
| mozilla | thunderbird | 6.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | thunderbird | 6.0 |
| mozilla | thunderbird | 3.0.8 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | thunderbird | 3.1.15 |
| mozilla | firefox | 3.5.10 |
| mozilla | thunderbird | 1.0.3 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | thunderbird | 2.0.0.11 |
| mozilla | thunderbird | 2.0.0.7 |
| mozilla | thunderbird | 14.0 |
| mozilla | thunderbird | 9.0.1 |
| mozilla | thunderbird | 1.5.2 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | thunderbird | 10.0.4 |
| mozilla | thunderbird | 1.5.0.3 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 10.0.7 |
| mozilla | thunderbird | 1.5.0.13 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | thunderbird | 1.0.8 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | thunderbird | 3.1.5 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | thunderbird | 3.1.7 |
| mozilla | thunderbird_esr | 10.0.1 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 1.5.0.14 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | thunderbird | 3.1.10 |
| mozilla | thunderbird | 2.0.0.8 |
| mozilla | thunderbird | 1.5 |
| mozilla | thunderbird | 1.5.0.2 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | thunderbird | 2.0.0.5 |
| mozilla | thunderbird | 2.0.0.4 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | thunderbird | 3.0.6 |
| mozilla | thunderbird | 3.1.4 |
| mozilla | seamonkey | 2.11 |
| mozilla | firefox | 5.0.1 |
| mozilla | thunderbird | 3.0.11 |
| mozilla | firefox | 3.6.17 |
| mozilla | thunderbird | 3.1.6 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | thunderbird | 10.0 |
| mozilla | thunderbird | 13.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | thunderbird | 1.0.1 |
| mozilla | firefox | 1.5.4 |
| mozilla | thunderbird | 7.0 |
| mozilla | thunderbird | 2.0.0.22 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 15.0 |
| mozilla | firefox | 3.5.11 |
| mozilla | thunderbird | 3.0.2 |
| mozilla | thunderbird | 3.0.7 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | thunderbird | 3.0.3 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | thunderbird | 1.0.7 |
| mozilla | thunderbird | 1.5.0.11 |
| mozilla | thunderbird_esr | 10.0.2 |
| mozilla | thunderbird | 11.0.1 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | thunderbird | 1.5.0.5 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | thunderbird | 2.0.0.18 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | thunderbird | 3.0 |
| mozilla | thunderbird | 3.0.5 |
| mozilla | thunderbird | 6.0.1 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 1.5.0.8 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | thunderbird | 1.5.0.9 |
| mozilla | firefox | 3.6.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | thunderbird | 1.5.0.10 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | thunderbird | 3.1.17 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | thunderbird | 3.0.1 |
| mozilla | thunderbird | 3.1.12 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | thunderbird | 3.0.10 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | thunderbird | 3.1.1 |
| mozilla | firefox | 1.0.1 |
| mozilla | thunderbird_esr | 10.0.5 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | thunderbird | 2.0.0.16 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | thunderbird | 1.5.1 |
| mozilla | thunderbird | 3.1.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | thunderbird | 3.0.4 |
| mozilla | thunderbird | 1.5.0.7 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | thunderbird | 8.0 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | thunderbird | 11.0 |
| mozilla | thunderbird | 3.0.9 |
| mozilla | thunderbird | 3.1.16 |
| mozilla | thunderbird | 1.5.0.4 |
| mozilla | thunderbird | 2.0.0.20 |
| mozilla | thunderbird | 1.5.0.6 |
| mozilla | thunderbird | 3.1.8 |
| mozilla | thunderbird | 2.0.0.9 |
| mozilla | thunderbird | 1.5.0.12 |
| mozilla | firefox | 15.0 |
| mozilla | thunderbird | 2.0.0.3 |
| mozilla | firefox | 10.0.5 |
| mozilla | thunderbird | 10.0.2 |
| mozilla | thunderbird | 1.0.2 |
| mozilla | thunderbird | 10.0.1 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | thunderbird | 1.0.4 |
| mozilla | thunderbird | 2.0.0.17 |
| mozilla | firefox | 1.5.7 |
| mozilla | thunderbird | 2.0.0.21 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Heap-based buffer overflow in the nsHTMLEditor::IsPrevCharInNodeWhitespace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_sdk | 11 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Buffer overflow in the nsCharTraits::length function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_sdk | 10 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same Origin Policy and read the properties of a Location object, or execute arbitrary JavaScript code, via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| suse | linux_enterprise_server | 10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 11.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which allows remote attackers to conduct cross-site scripting (XSS) attacks or read arbitrary files by leveraging a sandboxed add-on.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via a crafted GIF image.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a ~ (tilde) character in proximity to a chunk delimiter, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame name-attribute value to access the location property, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a binary plugin.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The Style Inspector in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 does not properly restrict the context of HTML markup and Cascading Style Sheets (CSS) token sequences, which allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted stylesheet.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-5840.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The contribution feature in Zamboni does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the Python urllib2 library.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N | 2.2 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | zamboni | - |
Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 on Mac OS X allows remote attackers to execute arbitrary code via an HTML document.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | suse_linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| redhat | enterprise_linux_server_eus | 6.3 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via crafted data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the setting of Cascading Style Sheets (CSS) properties in conjunction with SVG text.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The Web Developer Toolbar in Mozilla Firefox before 17.0 executes script with chrome privileges, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via large image dimensions.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4214.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore.swf, a similar issue to CVE-2010-4209.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| yahoo | yui | 2.8.0 |
| mozilla | bugzilla | 4.0.3 |
| yahoo | yui | 2.9.0 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 4.1 |
| yahoo | yui | 2.8.1 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.0.7 |
| yahoo | yui | 2.8.2 |
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSONRPC request, a different vulnerability than CVE-2012-4198.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 4.3.2 |
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR protection mechanism by calling the toString function of an XBL object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted string concatenation, leading to improper memory allocation and a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | firefox | 3.5.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | seamonkey | 2.14.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | firefox | 0.7 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | seamonkey | 2.14 |
| mozilla | firefox | 3.5.10 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | seamonkey | 1.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 3.5.5 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 3.5.8 |
| mozilla | seamonkey | 2.4.1 |
| mozilla | firefox | 3.0.8 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 3.6.22 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.11 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | firefox | 3.5.11 |
| mozilla | seamonkey | 2.4 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 2.13 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | firefox | 3.0.2 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | firefox | 3.0 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | firefox | 15.0.1 |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | firefox | 3.5.4 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | firefox | 15.0 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | firefox | 0.4 |
| mozilla | seamonkey | 2.1 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 1.5.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XBL file with multiple bindings that have SVG content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via crafted web content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors involving the triggering of garbage collection after memory allocation for listener objects.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via vectors related to the domDoc pointer.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted web page referencing JavaScript Proxy objects that are not properly handled during garbage collection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to spoof the address bar via vectors involving authentication information in the userinfo field of a URL, in conjunction with a 204 (aka No Content) HTTP status code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to Mesa drivers and a resized WebGL canvas.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrary code via crafted data, as demonstrated by e-mail message data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-326,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 11.4 |
Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via an HTML document that specifies invalid width and height values.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server | 6.0 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_server | 6.0 |
The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_server | 6.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| redhat | enterprise_linux_desktop | 6.0 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| redhat | enterprise_linux_aus | 5.9 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| redhat | enterprise_linux_eus | 6.3 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_server | 6.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| opensuse | opensuse | 12.2 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
Cross-site scripting (XSS) vulnerability in show_bug.cgi in Bugzilla before 3.6.13, 3.7.x and 4.0.x before 4.0.10, 4.1.x and 4.2.x before 4.2.5, and 4.3.x and 4.4.x before 4.4rc2 allows remote attackers to inject arbitrary web script or HTML via the id parameter in conjunction with an invalid value of the format parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 4.2.4 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 4.4 |
The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x before 3.6.13 and 3.7.x and 4.0.x before 4.0.10 generates different error messages for invalid product queries depending on whether a product exists, which allows remote attackers to discover private product names by using debug mode for a query.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 17.0.3 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.16 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 17.0.3 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | seamonkey | 2.4.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.0.13 |
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_aus | 5.9 |
| mozilla | network_security_services | * |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| oracle | vm_server | 3.2 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 17.0.3 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | seamonkey | 2.4.1 |
Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote attackers to bypass the Same Origin Policy or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 17.0.3 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | seamonkey | 2.4.1 |
The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (free of unallocated memory) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | thunderbird_esr | * |
Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 17.0.3 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | seamonkey | 2.4.1 |
Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.1 |
Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.1 |
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| suse | linux_enterprise_software_development_kit | 10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | thunderbird_esr | * |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 11.10 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
| opensuse | opensuse | 12.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| oracle | traffic_director | 11.1.1.6.0 |
| oracle | glassfish_server | 2.1.1 |
| canonical | ubuntu_linux | 12.04 |
| oracle | iplanet_web_server | 7.0 |
| redhat | enterprise_linux_eus | 5.9 |
| oracle | enterprise_manager_ops_center | 12.2 |
| redhat | enterprise_linux_server_aus | 5.9 |
| mozilla | network_security_services | * |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_desktop | 5.0 |
| oracle | vm_server | 3.2 |
| canonical | ubuntu_linux | 11.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| oracle | opensso | 3.0-03 |
| oracle | iplanet_web_proxy_server | 4.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| oracle | enterprise_manager_ops_center | 12.1 |
| oracle | iplanet_web_server | 6.1 |
| oracle | traffic_director | 11.1.1.7.0 |
| oracle | glassfish_communications_server | 2.0 |
| canonical | ubuntu_linux | 12.10 |
| oracle | enterprise_manager_ops_center | 11.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 19.0.1 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 19.0.1 |
The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junctions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird_esr | * |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not properly maintain Mozilla Maintenance Service registry entries in certain situations involving upgrades from older Firefox versions, which allows local users to gain privileges by leveraging write access to a "trusted path."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 19.0.1 |
Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-665,CWE-665,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | enterprise_linux_for_scientific_computing | 6.0 |
| redhat | enterprise_linux_for_power_big_endian_eus | 6.4_ppc64 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 5.9_s390x |
| mozilla | thunderbird | * |
| redhat | gluster_storage_server_for_on-premise | 2.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 5.0_s390x |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 6.4_s390x |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_for_power_big_endian | 6.0_ppc64 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.4 |
| redhat | enterprise_linux_for_power_big_endian_eus | 5.9_ppc |
| redhat | enterprise_linux_server_eus_from_rhui | 6.4 |
| redhat | enterprise_linux_server_eus_from_rhui | 5.9 |
| redhat | enterprise_linux_eus | 6.4 |
| canonical | ubuntu_linux | 12.10 |
| redhat | enterprise_linux_for_power_big_endian | 5.0_ppc |
| redhat | enterprise_linux_for_ibm_z_systems | 6.0_s390x |
The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 17.0 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
Use-after-free vulnerability in the mozilla::dom::HTMLMediaElement::LookupMediaElementURITable function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined functions, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges, or conduct cross-site scripting (XSS) attacks, via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 20.0 |
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 5.9 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_server_aus | 5.9 |
| redhat | gluster_storage_server_for_on-premise | 2.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| suse | linux_enterprise_software_development_kit | 10 |
| redhat | enterprise_linux_server_aus | 6.4 |
| opensuse | opensuse | 11.4 |
| redhat | enterprise_linux_eus | 6.4 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 12.10 |
| suse | linux_enterprise_server | 10 |
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by observing timing differences in execution of filter code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Firefox before 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote attackers to bypass intended access restrictions via a FRAME element within an IFRAME element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers use of a user-defined (1) toString or (2) valueOf method.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME elements.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
The Internationalized Domain Name (IDN) display algorithm in Mozilla Firefox before 22.0 does not properly handle the .com, .name, and .net top-level domains, which allows remote attackers to spoof the address bar via unspecified homograph characters.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on Windows does not properly handle inability to launch the Mozilla Updater executable file, which allows local users to gain privileges via vectors involving placement of a Trojan horse executable file at an arbitrary location.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 2.4.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
Use-after-free vulnerability in the nsINode::GetParentNode function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a DOM modification at the time of a SetBody mutation event.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Certificate Request Message Format (CRMF) request.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
Stack-based buffer overflow in maintenanceservice.exe in the Mozilla Maintenance Service in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Stack-based buffer overflow in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 allows local users to gain privileges via a long pathname on the command line to the Mozilla Maintenance Service.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 2.4.1 |
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 2.4.1 |
The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL function calls, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging access to an unprivileged object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.4.1 |
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 allow local users to gain privileges via a Trojan horse DLL in (1) the update directory or (2) the current working directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 20.0.1 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks or install arbitrary add-ons via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 2.4.1 |
The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 2.4.1 |
Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory. NOTE: this issue exists because of an incomplete fix for CVE-2012-4206.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 19.0.1 |
Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly restrict local-filesystem access by Java applets, which allows user-assisted remote attackers to read arbitrary files by leveraging a download to a fixed pathname or other predictable pathname.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.5 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.3.3 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | seamonkey | 2.7.1 |
| mozilla | seamonkey | 2.9 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 2.3 |
| mozilla | firefox | 20.0.1 |
| mozilla | seamonkey | 2.3.2 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.6 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.6.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.9.1 |
| mozilla | seamonkey | 2.2 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.4 |
| mozilla | seamonkey | 2.7.2 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.8 |
| mozilla | seamonkey | 2.3.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | seamonkey | 2.7 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 2.4.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer over-read) by triggering use of this stack in its empty state.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted web site.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.19 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.13 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | firefox | 19.0 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 2.0.8 |
Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving stylesheet cloning.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application crash) by leveraging incorrect event usage after widget-memory reallocation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by leveraging incorrect scope handling.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating a Trojan horse file after MAR signature verification but before MAR use.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 23.0 |
The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 23.0 |
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers to execute arbitrary code or cause a denial of service (JavaScript compartment mismatch, or assertion failure and application exit) via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 23.0 |
Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via crafted use of lists and floats within a multi-column layout.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 4.4 |
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 4.2.4 |
Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to improperly establishing parent-child relationships of range-request nodes.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and frame-chain restoration.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.14.3 |
| mozilla | network_security_services | 3.14.1 |
| mozilla | network_security_services | 3.12.2 |
| mozilla | network_security_services | 3.12 |
| mozilla | network_security_services | 3.12.9 |
| mozilla | network_security_services | 3.14 |
| mozilla | network_security_services | 3.12.3.2 |
| mozilla | network_security_services | 3.12.5 |
| mozilla | network_security_services | * |
| mozilla | network_security_services | 3.12.1 |
| mozilla | network_security_services | 3.12.7 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.12.4 |
| mozilla | network_security_services | 3.12.11 |
| mozilla | network_security_services | 3.12.8 |
| mozilla | network_security_services | 3.12.10 |
| mozilla | network_security_services | 3.14.2 |
| mozilla | network_security_services | 3.12.3 |
| mozilla | network_security_services | 3.12.3.1 |
| mozilla | network_security_services | 3.12.6 |
The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.4.2 |
| mozilla | network_security_services | 3.14.1 |
| mozilla | network_security_services | 3.7.7 |
| mozilla | network_security_services | 3.12.2 |
| mozilla | network_security_services | 3.15.1 |
| mozilla | network_security_services | 3.12 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | network_security_services | 3.12.9 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.11.5 |
| mozilla | network_security_services | 3.5 |
| mozilla | network_security_services | 3.11.3 |
| mozilla | network_security_services | * |
| mozilla | network_security_services | 3.11.2 |
| mozilla | network_security_services | 3.12.7 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.7.2 |
| mozilla | network_security_services | 3.12.11 |
| mozilla | network_security_services | 3.7 |
| mozilla | network_security_services | 3.12.10 |
| mozilla | network_security_services | 3.6.1 |
| mozilla | network_security_services | 3.14.2 |
| mozilla | network_security_services | 3.4 |
| mozilla | network_security_services | 3.6 |
| mozilla | network_security_services | 3.12.3 |
| mozilla | network_security_services | 3.12.3.1 |
| mozilla | network_security_services | 3.12.6 |
| mozilla | network_security_services | 3.7.3 |
| mozilla | network_security_services | 3.14.3 |
| mozilla | network_security_services | 3.14.5 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.9 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | network_security_services | 3.14 |
| mozilla | network_security_services | 3.12.3.2 |
| mozilla | network_security_services | 3.3.2 |
| mozilla | network_security_services | 3.12.5 |
| mozilla | network_security_services | 3.12.1 |
| mozilla | network_security_services | 3.12.4 |
| mozilla | network_security_services | 3.11.4 |
| mozilla | network_security_services | 3.7.5 |
| mozilla | network_security_services | 3.14.4 |
| mozilla | network_security_services | 3.12.8 |
| mozilla | network_security_services | 3.8 |
| mozilla | network_security_services | 3.3.1 |
| mozilla | network_security_services | 3.15.2 |
Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.15.1 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.15.2 |
Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) sortkey parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 4.2.4 |
Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the (1) summary or (2) real name field. NOTE: this issue exists because of an incomplete fix for CVE-2012-4189.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 4.2.4 |
| mozilla | bugzilla | 4.4 |
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-326,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fujitsu | m10-4s_firmware | * |
| fujitsu | m10-4_firmware | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| fujitsu | m10-1_firmware | * |
| fujitsu | sparc_enterprise_m9000_firmware | * |
| oracle | integrated_lights_out_manager_firmware | * |
| oracle | communications_application_session_controller | * |
| fujitsu | sparc_enterprise_m8000_firmware | * |
| oracle | http_server | 11.1.1.9.0 |
| mozilla | thunderbird_esr | * |
| fujitsu | sparc_enterprise_m4000_firmware | * |
| oracle | http_server | 12.1.3.0.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| oracle | http_server | 12.2.1.2.0 |
| fujitsu | sparc_enterprise_m5000_firmware | * |
| fujitsu | sparc_enterprise_m3000_firmware | * |
| oracle | http_server | 11.1.1.7.0 |
| canonical | ubuntu_linux | 12.10 |
| oracle | http_server | 12.2.1.1.0 |
Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack the authentication of aribitrary users via a security token that is not a string data type.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | persona | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | seamonkey | 2.0.10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 23.0 |
The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | seamonkey | 2.0.10 |
Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | seamonkey | 2.0.10 |
Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | * |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 24.0.1 |
| mozilla | firefox_esr | 24.0.2 |
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | seamonkey | 2.0.10 |
The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 22.0 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 17.0.4 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 2.0 |
| mozilla | firefox | 21.0 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | firefox | 17.0.5 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | firefox | 17.0.6 |
| mozilla | thunderbird | 17.0 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | firefox | 24.0 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | firefox | 19.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.14.3 |
| mozilla | network_security_services | 3.14.1 |
| mozilla | network_security_services | 3.14.4 |
| mozilla | network_security_services | 3.15.1 |
| mozilla | network_security_services | 3.14.2 |
| mozilla | network_security_services | 3.14 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.15.2 |
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.15.1 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.15.2 |
Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | netscape_portable_runtime | 4.9.3 |
| mozilla | seamonkey | 2.19 |
| mozilla | netscape_portable_runtime | 4.9.2 |
| mozilla | firefox | 20.0 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | netscape_portable_runtime | 4.8.6 |
| mozilla | netscape_portable_runtime | 4.6.8 |
| mozilla | firefox | 19.0.2 |
| mozilla | netscape_portable_runtime | 4.2 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | firefox | 17.0.10 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | netscape_portable_runtime | 4.7.2 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | netscape_portable_runtime | 4.9.1 |
| mozilla | netscape_portable_runtime | 4.7.5 |
| mozilla | firefox | 17.0.4 |
| mozilla | netscape_portable_runtime | 4.9.4 |
| mozilla | firefox | 21.0 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | netscape_portable_runtime | 4.8.8 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 17.0 |
| mozilla | netscape_portable_runtime | 4.4.1 |
| mozilla | netscape_portable_runtime | 4.6.4 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | netscape_portable_runtime | 4.9 |
| mozilla | netscape_portable_runtime | 4.3 |
| mozilla | firefox | 24.0 |
| mozilla | netscape_portable_runtime | 4.7 |
| mozilla | seamonkey | 2.13 |
| mozilla | netscape_portable_runtime | 4.2.2 |
| mozilla | netscape_portable_runtime | 4.7.3 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 2.22 |
| mozilla | netscape_portable_runtime | 4.7.1 |
| mozilla | netscape_portable_runtime | 4.9.6 |
| mozilla | firefox | 17.0.3 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | netscape_portable_runtime | 4.8.2 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 17.0.2 |
| mozilla | netscape_portable_runtime | 4.1.1 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | netscape_portable_runtime | 4.6 |
| mozilla | seamonkey | * |
| mozilla | firefox | 23.0.1 |
| mozilla | netscape_portable_runtime | * |
| mozilla | seamonkey | 2.12 |
| mozilla | netscape_portable_runtime | 4.8.7 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 20.0.1 |
| mozilla | netscape_portable_runtime | 4.8.4 |
| mozilla | firefox | 22.0 |
| mozilla | netscape_portable_runtime | 4.6.2 |
| mozilla | netscape_portable_runtime | 4.6.1 |
| mozilla | netscape_portable_runtime | 4.7.6 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.14 |
| mozilla | netscape_portable_runtime | 4.9.5 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 17.0.7 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | netscape_portable_runtime | 4.1.2 |
| mozilla | seamonkey | 2.0 |
| mozilla | netscape_portable_runtime | 4.8 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | netscape_portable_runtime | 4.10 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | firefox | 17.0.9 |
| mozilla | netscape_portable_runtime | 4.8.5 |
| mozilla | seamonkey | 2.16 |
| mozilla | netscape_portable_runtime | 4.5.1 |
| mozilla | firefox | * |
| mozilla | firefox | 17.0.8 |
| mozilla | netscape_portable_runtime | 4.6.6 |
| mozilla | firefox | 24.0.1 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | netscape_portable_runtime | 4.6.3 |
| mozilla | netscape_portable_runtime | 4.8.9 |
| mozilla | netscape_portable_runtime | 4.6.5 |
| mozilla | netscape_portable_runtime | 4.8.3 |
| mozilla | firefox | 19.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | netscape_portable_runtime | 4.7.4 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | netscape_portable_runtime | 4.6.7 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| canonical | ubuntu_linux | 12.10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | seamonkey | * |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 7.0.1 |
| opensuse_project | opensuse | 11.4 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| fedoraproject | fedora | 19 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| canonical | ubuntu_linux | 13.04 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| opensuse_project | opensuse | 12.3 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| fedoraproject | fedora | 20 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| canonical | ubuntu_linux | 13.10 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| suse | linux_enterprise_server | 11 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| suse | linux_enterprise_desktop | 11 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| fedoraproject | fedora | 19 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 12.10 |
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| canonical | ubuntu_linux | 12.10 |
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| fedoraproject | fedora | 19 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 12.10 |
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | suse_linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| suse | suse_linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| canonical | ubuntu_linux | 12.10 |
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper garbage collection.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| canonical | ubuntu_linux | 12.10 |
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | seamonkey | * |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| fedoraproject | fedora | 20 |
Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 10.04 |
| opensuse | opensuse | 12.2 |
| artifex | gpl_ghostscript | * |
| canonical | ubuntu_linux | 12.04 |
| chrome | * | |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| oracle | solaris | 11.3 |
| fedoraproject | fedora | 18 |
| libjpeg-turbo | libjpeg-turbo | * |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| canonical | ubuntu_linux | 12.10 |
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | seamonkey | * |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 12.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | linux_enterprise_desktop | 11 |
| fedoraproject | fedora | 18 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a related issue to CVE-2014-2018.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.9 |
| mozilla | thunderbird_esr | 17.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 17.0 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 13.10 |
| oracle | solaris | 11.3 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| opensuse | opensuse | 11.4 |
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| opensuse_project | opensuse | 12.3 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| suse | linux_enterprise_server | 11 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| suse | linux_enterprise_desktop | 11 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server_tus | 6.5 |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | suse_linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 13.10 |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| canonical | ubuntu_linux | 12.10 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| opensuse_project | opensuse | 12.3 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| canonical | ubuntu_linux | 13.10 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| suse | linux_enterprise_server | 11 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| suse | linux_enterprise_desktop | 11 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.10 |
| oracle | enterprise_manager_ops_center | 12.2.0 |
| opensuse | opensuse | 13.1 |
| mozilla | network_security_services | * |
| oracle | enterprise_manager_ops_center | 12.2.1 |
| oracle | enterprise_manager_ops_center | 12.3.0 |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| oracle | vm_server | 3.2 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| oracle | enterprise_manager_ops_center | * |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-326,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.10 |
| oracle | enterprise_manager_ops_center | 12.2.0 |
| opensuse | opensuse | 13.1 |
| mozilla | network_security_services | * |
| oracle | enterprise_manager_ops_center | 12.2.1 |
| oracle | enterprise_manager_ops_center | 12.3.0 |
| opensuse | opensuse | 11.4 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| oracle | vm_server | 3.2 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| oracle | enterprise_manager_ops_center | * |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.4.2 |
| mozilla | network_security_services | 3.12.2 |
| mozilla | network_security_services | 3.15.1 |
| mozilla | network_security_services | 3.12 |
| mozilla | network_security_services | 3.12.9 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.11.5 |
| mozilla | network_security_services | * |
| mozilla | network_security_services | 3.11.2 |
| mozilla | network_security_services | 3.12.7 |
| mozilla | network_security_services | 3.12.11 |
| mozilla | network_security_services | 3.7 |
| mozilla | network_security_services | 3.14.2 |
| mozilla | network_security_services | 3.12.3.1 |
| mozilla | network_security_services | 3.12.6 |
| mozilla | network_security_services | 3.14.3 |
| mozilla | network_security_services | 3.9 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | network_security_services | 3.14 |
| mozilla | network_security_services | 3.3.2 |
| mozilla | network_security_services | 3.7.5 |
| mozilla | network_security_services | 3.15.3 |
| mozilla | network_security_services | 3.14.4 |
| mozilla | network_security_services | 3.8 |
| mozilla | network_security_services | 3.15.2 |
| mozilla | network_security_services | 3.14.1 |
| mozilla | network_security_services | 3.7.7 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | network_security_services | 3.5 |
| mozilla | network_security_services | 3.11.3 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.7.2 |
| mozilla | network_security_services | 3.12.10 |
| mozilla | network_security_services | 3.6.1 |
| mozilla | network_security_services | 3.4 |
| mozilla | network_security_services | 3.6 |
| mozilla | network_security_services | 3.12.3 |
| mozilla | network_security_services | 3.7.3 |
| mozilla | network_security_services | 3.14.5 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | network_security_services | 3.15.3.1 |
| mozilla | network_security_services | 3.15.4 |
| mozilla | network_security_services | 3.12.3.2 |
| mozilla | network_security_services | 3.12.5 |
| mozilla | network_security_services | 3.12.1 |
| mozilla | network_security_services | 3.12.4 |
| mozilla | network_security_services | 3.11.4 |
| mozilla | network_security_services | 3.12.8 |
| mozilla | network_security_services | 3.3.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| opensuse_project | opensuse | 12.3 |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| opensuse_project | opensuse | 11.4 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_server | 11 |
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | suse_linux_enterprise_desktop | 11 |
| mozilla | firefox_esr | * |
| suse | suse_linux_enterprise_server | 11 |
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| opensuse_project | opensuse | 12.3 |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| opensuse_project | opensuse | 11.4 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_server | 11 |
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| opensuse_project | opensuse | 12.3 |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| opensuse_project | opensuse | 11.4 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_server | 11 |
Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| opensuse_project | opensuse | 12.3 |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| opensuse_project | opensuse | 11.4 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_server | 11 |
Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| suse | linux_enterprise_server | 11 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| suse | linux_enterprise_desktop | 11 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| opensuse_project | opensuse | 12.3 |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| opensuse_project | opensuse | 11.4 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_server | 11 |
The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| suse | linux_enterprise_sdk | 11 |
| oracle | solaris | 11.3 |
| suse | linux_enterprise_desktop | 11 |
| opensuse | opensuse | 13.1 |
| suse | linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| opensuse | opensuse | 11.4 |
The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| novell | suse_linux_enterprise_software_development_kit | 11.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefoxos | * |
| oracle | solaris | 11.3 |
The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| suse | suse_linux_enterprise_desktop | 11 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| canonical | ubuntu_linux | 12.10 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| suse | suse_linux_enterprise_software_development_kit | 11.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 11.4 |
| suse | suse_linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The saltProfileName function in base/GeckoProfileDirectories.java in Mozilla Firefox through 28.0.1 on Android relies on Android's weak approach to seeding the Math.random function, which makes it easier for attackers to bypass a profile-randomization protection mechanism via a crafted application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then submit a vulnerability report, related to a "login CSRF" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 4.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| fedoraproject | fedora | 20 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 4.5.1 |
| mozilla | bugzilla | 4.5.2 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| fedoraproject | fedora | 19 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 4.2.4 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| mozilla | firefox_esr | * |
| fedoraproject | fedora | 20 |
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 12.3 |
Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 12.3 |
The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | seamonkey | * |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 12.3 |
Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| fedoraproject | fedora | 19 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by painting on a CANVAS element.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 13.10 |
| mozilla | seamonkey | 2.25 |
| opensuse_project | opensuse | 12.3 |
| oracle | solaris | 11.3 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 28.0 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 14.04 |
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_tus | 6.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | suse_linux_enterprise_server | 11 |
| opensuse | opensuse | 12.3 |
| fedoraproject | fedora | 20 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_eus | 6.5 |
| suse | suse_linux_enterprise_server | 10 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| canonical | ubuntu_linux | 13.10 |
| opensuse | opensuse | 13.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | opensuse | 11.4 |
| fedoraproject | fedora | 19 |
| canonical | ubuntu_linux | 12.10 |
| debian | debian_linux | 8.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 24.0 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | firefox | 24.0.1 |
| mozilla | firefox_esr | 24.0.2 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | thunderbird | 24.4 |
| mozilla | firefox | 24.1.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | thunderbird | 24.2 |
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | thunderbird | 24.4 |
| mozilla | firefox | 24.1.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | thunderbird | 24.2 |
Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse_project | opensuse | 12.3 |
| oracle | solaris | 11.3 |
| opensuse | opensuse | 13.1 |
Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.4.2 |
| mozilla | thunderbird | 24.4 |
| mozilla | network_security_services | 3.12.2 |
| mozilla | network_security_services | 3.15.1 |
| mozilla | network_security_services | 3.12 |
| mozilla | network_security_services | 3.12.9 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.11.5 |
| mozilla | network_security_services | 3.11.2 |
| mozilla | network_security_services | 3.12.7 |
| mozilla | network_security_services | 3.12.11 |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | network_security_services | 3.7 |
| mozilla | firefox | 24.0.2 |
| mozilla | network_security_services | 3.14.2 |
| mozilla | network_security_services | 3.12.3.1 |
| mozilla | network_security_services | 3.12.6 |
| mozilla | network_security_services | 3.14.3 |
| mozilla | network_security_services | 3.9 |
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.1.0 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | network_security_services | 3.14 |
| mozilla | network_security_services | 3.3.2 |
| mozilla | firefox | 24.1.1 |
| mozilla | network_security_services | 3.7.5 |
| mozilla | network_security_services | 3.15.3 |
| mozilla | network_security_services | 3.14.4 |
| mozilla | firefox_esr | 24.3 |
| mozilla | network_security_services | 3.8 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | network_security_services | 3.15.2 |
| mozilla | network_security_services | 3.14.1 |
| mozilla | network_security_services | 3.7.7 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | network_security_services | 3.5 |
| mozilla | network_security_services | 3.11.3 |
| mozilla | thunderbird | 24.3 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.7.2 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | network_security_services | 3.12.10 |
| mozilla | network_security_services | 3.6.1 |
| mozilla | network_security_services | 3.4 |
| mozilla | network_security_services | 3.6 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | network_security_services | 3.12.3 |
| mozilla | network_security_services | 3.7.3 |
| mozilla | thunderbird | 24.2 |
| mozilla | network_security_services | 3.14.5 |
| mozilla | network_security_services | 3.16 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | firefox | 24.0 |
| mozilla | network_security_services | 3.15.3.1 |
| mozilla | network_security_services | 3.15.4 |
| mozilla | network_security_services | 3.12.3.2 |
| mozilla | firefox_esr | 24.6 |
| mozilla | network_security_services | 3.12.5 |
| mozilla | network_security_services | 3.12.1 |
| mozilla | network_security_services | 3.15.5 |
| mozilla | network_security_services | 3.12.4 |
| mozilla | network_security_services | 3.11.4 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | network_security_services | 3.12.8 |
| mozilla | network_security_services | 3.3.1 |
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | netscape_portable_runtime | 4.9.3 |
| mozilla | netscape_portable_runtime | 4.9.2 |
| mozilla | netscape_portable_runtime | 4.9.6 |
| mozilla | netscape_portable_runtime | 4.8.5 |
| mozilla | netscape_portable_runtime | 4.8.2 |
| mozilla | netscape_portable_runtime | 4.5.1 |
| mozilla | netscape_portable_runtime | 4.8.8 |
| mozilla | netscape_portable_runtime | 4.10.4 |
| mozilla | netscape_portable_runtime | 4.1.1 |
| mozilla | netscape_portable_runtime | 4.4.1 |
| mozilla | netscape_portable_runtime | 4.6 |
| mozilla | netscape_portable_runtime | 4.8.6 |
| mozilla | netscape_portable_runtime | * |
| mozilla | netscape_portable_runtime | 4.8.7 |
| mozilla | netscape_portable_runtime | 4.10.2 |
| mozilla | netscape_portable_runtime | 4.6.6 |
| mozilla | netscape_portable_runtime | 4.8.4 |
| mozilla | netscape_portable_runtime | 4.6.4 |
| mozilla | netscape_portable_runtime | 4.6.8 |
| mozilla | netscape_portable_runtime | 4.6.2 |
| mozilla | netscape_portable_runtime | 4.6.1 |
| mozilla | netscape_portable_runtime | 4.10.3 |
| mozilla | netscape_portable_runtime | 4.7.6 |
| mozilla | netscape_portable_runtime | 4.9 |
| mozilla | netscape_portable_runtime | 4.2 |
| mozilla | netscape_portable_runtime | 4.3 |
| mozilla | netscape_portable_runtime | 4.6.3 |
| mozilla | netscape_portable_runtime | 4.8.9 |
| mozilla | netscape_portable_runtime | 4.7 |
| mozilla | netscape_portable_runtime | 4.9.5 |
| mozilla | netscape_portable_runtime | 4.7.2 |
| mozilla | netscape_portable_runtime | 4.6.5 |
| mozilla | netscape_portable_runtime | 4.2.2 |
| mozilla | netscape_portable_runtime | 4.7.3 |
| mozilla | netscape_portable_runtime | 4.8.3 |
| mozilla | netscape_portable_runtime | 4.9.1 |
| mozilla | netscape_portable_runtime | 4.7.5 |
| mozilla | netscape_portable_runtime | 4.10.1 |
| mozilla | netscape_portable_runtime | 4.9.4 |
| mozilla | netscape_portable_runtime | 4.1.2 |
| mozilla | netscape_portable_runtime | 4.7.4 |
| mozilla | netscape_portable_runtime | 4.8 |
| mozilla | netscape_portable_runtime | 4.7.1 |
| mozilla | netscape_portable_runtime | 4.6.7 |
| mozilla | netscape_portable_runtime | 4.10 |
The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x before 4.0.14, 4.1.x and 4.2.x before 4.2.10, 4.3.x and 4.4.x before 4.4.5, and 4.5.x before 4.5.5 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted OBJECT element with SWF content consistent with the _bz_callback character set.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 4.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 4.5.4 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 4.5.1 |
| mozilla | bugzilla | 4.5.2 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.5.3 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.2.4 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | thunderbird | 24.4 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox_esr | 24.6 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | thunderbird | 24.2 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | thunderbird | 24.4 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox_esr | 24.6 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | thunderbird | 24.2 |
Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| opensuse | opensuse | 13.1 |
| opensuse | evergreen | 11.4 |
| opensuse | opensuse | 12.3 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.0 |
Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | thunderbird | 24.4 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox_esr | 24.6 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | thunderbird | 24.2 |
Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | thunderbird | 24.4 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox_esr | 24.6 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | thunderbird | 24.2 |
The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 6.0 |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox_esr | 24.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.2 |
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox_esr | 24.6 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox_esr | 24.3 |
| oracle | solaris | 11.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox_esr | 24.0.2 |
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | 24.0.1 |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | thunderbird | 24.2 |
Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.2 |
| mozilla | thunderbird | 24.6 |
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox_esr | 24.6 |
| mozilla | firefox | 24.1.1 |
| mozilla | thunderbird | 24.7 |
| mozilla | firefox_esr | 24.7 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | firefox | 31.0 |
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| opensuse | opensuse | 13.1 |
| opensuse | evergreen | 11.4 |
| opensuse | opensuse | 12.3 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated with a malformed GIF image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-824,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| opensuse | opensuse | 13.1 |
| opensuse | evergreen | 11.4 |
| opensuse | opensuse | 12.3 |
| mozilla | firefox | 31.0 |
The mozilla::dom::AudioEventTimeline function in the Web Audio API implementation in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 does not properly create audio timelines, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted API calls.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 30.0 |
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 24.4 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | thunderbird | 24.3 |
| mozilla | firefox_esr | 24.5 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 24.4 |
| mozilla | thunderbird | 24.5 |
| mozilla | firefox | 24.0.2 |
| mozilla | firefox | 24.0.1 |
| mozilla | thunderbird | 24.0 |
| mozilla | thunderbird | 24.2 |
| mozilla | thunderbird | 24.6 |
| mozilla | thunderbird | 24.0.1 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 24.1.0 |
| mozilla | firefox_esr | 24.6 |
| mozilla | firefox | 24.1.1 |
| mozilla | thunderbird | 24.7 |
| mozilla | firefox_esr | 24.7 |
| mozilla | firefox_esr | 24.0.1 |
| mozilla | firefox_esr | 24.2 |
| mozilla | firefox_esr | 24.3 |
| mozilla | thunderbird | 24.1 |
| mozilla | thunderbird | 24.1.1 |
| mozilla | firefox_esr | 24.0.2 |
| mozilla | firefox | 31.0 |
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | network_security_services | 3.12.2 |
| mozilla | network_security_services | 3.15.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | network_security_services | 3.12 |
| mozilla | network_security_services | 3.12.9 |
| mozilla | thunderbird | 31.0 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | network_security_services | 3.12.7 |
| mozilla | network_security_services | 3.7 |
| mozilla | network_security_services | 3.16.4 |
| mozilla | firefox | 32.0.1 |
| mozilla | network_security_services | 3.9 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | network_security_services | 3.7.5 |
| mozilla | network_security_services | 3.14.4 |
| mozilla | seamonkey | 2.2 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | network_security_services | 3.15.2 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | network_security_services | 3.14.1 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 2.21 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | network_security_services | 3.7.7 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | network_security_services | 3.11.3 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| chrome | 37.0.2062.100 | |
| mozilla | thunderbird | * |
| mozilla | seamonkey | 1.0.9 |
| mozilla | network_security_services | 3.6.1 |
| mozilla | network_security_services | 3.12.3 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | network_security_services | 3.7.3 |
| chrome | 37.0.2062.0 | |
| mozilla | network_security_services | 3.14.5 |
| mozilla | seamonkey | 1.1.3 |
| chrome | * | |
| mozilla | seamonkey | 2.13 |
| mozilla | network_security_services | 3.15.4 |
| mozilla | network_security_services | 3.12.3.2 |
| mozilla | thunderbird | 31.1.1 |
| mozilla | network_security_services | 3.12.1 |
| mozilla | network_security_services | 3.15.5 |
| chrome | 37.0.2062.20 | |
| mozilla | network_security_services | 3.12.4 |
| mozilla | network_security_services | 3.11.4 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | thunderbird | 31.1.0 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | seamonkey | 2.22 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | network_security_services | 3.3.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | seamonkey | 1.1.9 |
| mozilla | network_security_services | 3.16.3 |
| mozilla | network_security_services | 3.4.2 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.24 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.11.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | network_security_services | * |
| mozilla | seamonkey | 1.0.8 |
| mozilla | network_security_services | 3.11.2 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | network_security_services | 3.12.11 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 2.12 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | network_security_services | 3.14.2 |
| mozilla | firefox_esr | 24.8.0 |
| mozilla | network_security_services | 3.12.3.1 |
| mozilla | network_security_services | 3.12.6 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | network_security_services | 3.16.1 |
| mozilla | network_security_services | 3.14.3 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | network_security_services | 3.14 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | network_security_services | 3.3.2 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | network_security_services | 3.15.3 |
| chrome | 37.0.2062.3 | |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | network_security_services | 3.8 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | network_security_services | 3.5 |
| mozilla | network_security_services | 3.15 |
| mozilla | network_security_services | 3.7.2 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | firefox | * |
| mozilla | network_security_services | 3.12.10 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | network_security_services | 3.4 |
| mozilla | network_security_services | 3.6 |
| mozilla | seamonkey | 2.26 |
| mozilla | firefox | 32.0.2 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | seamonkey | 2.23 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | network_security_services | 3.16 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | network_security_services | 3.15.3.1 |
| mozilla | seamonkey | 2.25 |
| mozilla | network_security_services | 3.12.5 |
| chrome | 37.0.2062.102 | |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.20 |
| mozilla | network_security_services | 3.12.8 |
| mozilla | seamonkey | 2.22.1 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | firefox | 31.0 |
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.17.2 |
| mozilla | network_security_services | 3.16.2.0 |
| mozilla | network_security_services | 3.16.2.1 |
| mozilla | network_security_services | 3.17.1 |
| mozilla | network_security_services | 3.17.0 |
| mozilla | network_security_services | * |
| mozilla | network_security_services | 3.16.2.2 |
Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote authenticated users to obtain sensitive private-comment information by leveraging a role as a flag recipient, related to Bug.pm, Flag.pm, and a mail template.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 4.0.14 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 4.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| fedoraproject | fedora | 20 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 4.5.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.2.10 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 4.5.1 |
| mozilla | bugzilla | 4.5.2 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| fedoraproject | fedora | 19 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 4.5.5 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.5.3 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| fedoraproject | fedora | 21 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 3.0_rc1 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 4.2.4 |
The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a scalar context for the realname parameter, which allows remote attackers to create accounts with unverified e-mail addresses by sending three realname values with realname=login_name as the second, as demonstrated by selecting an e-mail address with a domain name for which group privileges are automatically granted.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 4.0.14 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 4.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| fedoraproject | fedora | 20 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 4.5.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.2.10 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 4.5.1 |
| mozilla | bugzilla | 4.5.2 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| fedoraproject | fedora | 19 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 4.5.5 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.5.3 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| fedoraproject | fedora | 21 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 3.0_rc1 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 4.2.4 |
Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-site scripting (XSS) attacks by sending three values for a single parameter name.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 4.0.14 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 4.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| fedoraproject | fedora | 20 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 4.5.4 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.2.10 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 4.5.1 |
| mozilla | bugzilla | 4.5.2 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| fedoraproject | fedora | 19 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 4.5.5 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.5.3 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| fedoraproject | fedora | 21 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 3.0_rc1 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 4.2.4 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.1.0 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between threading and garbage collection in the GCRuntime::triggerGC function in js/src/jsgc.cpp, and unknown other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token sequences that trigger changes to capitalization style.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.1.0 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via an invalid custom waveform that triggers a calculation of a negative frequency value.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.1.0 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code via WebM frames with invalid tile sizes that are improperly handled in buffering operations during video playback.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.1.0 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.1.0 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an intended pinning configuration and spoof a web site by providing a valid certificate from an arbitrary recognized Certification Authority.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the JSON data of an alarm.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site via a crafted certificate that leads to presentation of the Untrusted Connection dialog to the user.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote attackers to obtain sensitive information from the local camera by maintaining a session after the user tries to discontinue streaming.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.1.0 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information from the local camera in certain IFRAME situations by maintaining a session after the user temporarily navigates away.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | 31.1.0 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of service (application crash) via a crafted JavaScript object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-199,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | * |
| mozilla | firefox | 33.0 |
Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code by adding a second root element to an HTML5 document during parsing.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast from the BasicThebesLayer data type to the BasicContainerLayer data type.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information.
CVSS 2.0
Severity: LOW
Problem Type: CWE-199,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | 31.2 |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in a (1) OBJECT or (2) EMBED element, a related issue to CVE-2013-6674.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 2.19 |
| mozilla | thunderbird_esr | 17.0.10 |
| mozilla | seamonkey | 2.0.1 |
| mozilla | seamonkey | 2.0.3 |
| mozilla | seamonkey | 2.0.5 |
| mozilla | seamonkey | 2.13.1 |
| mozilla | seamonkey | 1.5.0.8 |
| mozilla | seamonkey | 1.0.8 |
| mozilla | thunderbird | 17.0.4 |
| mozilla | seamonkey | 2.17.1 |
| mozilla | seamonkey | * |
| mozilla | seamonkey | 1.1.4 |
| mozilla | seamonkey | 1.1.18 |
| mozilla | seamonkey | 2.12 |
| mozilla | thunderbird | 17.0.8 |
| mozilla | seamonkey | 1.0.3 |
| mozilla | thunderbird | 17.0.2 |
| mozilla | seamonkey | 1.0.2 |
| mozilla | thunderbird | 17.0.6 |
| mozilla | thunderbird_esr | 17.0.8 |
| mozilla | seamonkey | 2.18 |
| mozilla | seamonkey | 2.0.11 |
| mozilla | seamonkey | 1.1.16 |
| mozilla | seamonkey | 2.14 |
| mozilla | seamonkey | 1.0.6 |
| mozilla | seamonkey | 2.15.1 |
| mozilla | seamonkey | 1.5.0.9 |
| mozilla | seamonkey | 1.5.0.10 |
| mozilla | seamonkey | 1.0.4 |
| mozilla | seamonkey | 2.10.1 |
| mozilla | seamonkey | 2.11 |
| mozilla | seamonkey | 1.1.2 |
| mozilla | seamonkey | 2.13.2 |
| mozilla | thunderbird | 17.0.5 |
| mozilla | seamonkey | 2.0.9 |
| mozilla | seamonkey | 1.0 |
| mozilla | seamonkey | 2.0 |
| mozilla | seamonkey | 1.0.5 |
| mozilla | thunderbird_esr | 17.0 |
| mozilla | thunderbird_esr | 17.0.3 |
| mozilla | seamonkey | 1.1.12 |
| mozilla | seamonkey | 2.0.8 |
| mozilla | seamonkey | 1.1 |
| mozilla | seamonkey | 1.1.15 |
| mozilla | thunderbird_esr | 17.0.4 |
| mozilla | seamonkey | 2.16.2 |
| mozilla | seamonkey | 2.12.1 |
| mozilla | seamonkey | 1.1.19 |
| mozilla | seamonkey | 2.17 |
| mozilla | seamonkey | 1.1.17 |
| mozilla | seamonkey | 2.15 |
| mozilla | seamonkey | 2.16 |
| mozilla | seamonkey | 2.0.6 |
| mozilla | seamonkey | 1.1.11 |
| mozilla | thunderbird | 17.0 |
| mozilla | seamonkey | 1.1.1 |
| mozilla | seamonkey | 1.0.9 |
| mozilla | seamonkey | 1.1.14 |
| mozilla | seamonkey | 1.1.7 |
| mozilla | seamonkey | 2.0.12 |
| mozilla | seamonkey | 2.10 |
| mozilla | seamonkey | 2.15.2 |
| mozilla | thunderbird_esr | 17.0.6 |
| mozilla | seamonkey | 2.0.4 |
| mozilla | seamonkey | 1.0.7 |
| mozilla | seamonkey | 1.1.3 |
| mozilla | seamonkey | 1.1.13 |
| mozilla | seamonkey | 2.13 |
| mozilla | thunderbird | 17.0.1 |
| mozilla | thunderbird_esr | 17.0.1 |
| mozilla | seamonkey | 2.0.13 |
| mozilla | seamonkey | 2.0.14 |
| mozilla | seamonkey | 2.16.1 |
| mozilla | seamonkey | 2.1 |
| mozilla | seamonkey | 2.0.2 |
| mozilla | seamonkey | 2.0.7 |
| mozilla | seamonkey | 1.1.10 |
| mozilla | thunderbird | 17.0.3 |
| mozilla | thunderbird | 17.0.7 |
| mozilla | seamonkey | 1.1.6 |
| mozilla | seamonkey | 1.1.5 |
| mozilla | thunderbird_esr | 17.0.7 |
| mozilla | seamonkey | 2.0.10 |
| mozilla | thunderbird_esr | 17.0.2 |
| mozilla | thunderbird_esr | 17.0.5 |
| mozilla | seamonkey | 1.0.1 |
| mozilla | seamonkey | 1.1.8 |
| mozilla | seamonkey | 1.1.9 |
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | jdk | 1.8.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.7.0 |
| oracle | jdk | 1.6.0 |
| oracle | jre | 1.8.0 |
| mozilla | firefox | - |
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 4.2.10 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 4.4.4 |
| fedoraproject | fedora | 21 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 4.2.11 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 4.5 |
| fedoraproject | fedora | 20 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.4.6 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.5.1 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | * |
| mozilla | bugzilla | 4.5.2 |
| mozilla | bugzilla | 4.5.4 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 4.5.6 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 4.5.3 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 4.2.4 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 4.5.5 |
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 31.2 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 31.2 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy Authentication Required) status code, which allows remote HTTP proxy servers to conduct session fixation attacks by providing a cookie name that corresponds to the session cookie of the origin server.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 31.2 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service (uninitialized-memory read and application crash) via crafted API calls.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 31.2 |
| mozilla | seamonkey | * |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_eus | 6.6 |
| redhat | enterprise_linux_eus | 7.1 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| debian | debian_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_aus | 6.6 |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | seamonkey | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server_tus | 7.3 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_eus | 7.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_tus | 6.6 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_server_aus | 7.4 |
| gstreamer_project | gstreamer | * |
| redhat | enterprise_linux_eus | 7.2 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_eus | 7.6 |
The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | * |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted HTML document containing a SOURCE element.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors that trigger rendering of 2D graphics content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors that trigger rendering of 2D graphics content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which might allow remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image that is improperly handled during transformation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdomain.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 36.0.4 |
| canonical | ubuntu_linux | 14.10 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted MP3 file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 36.0.4 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to unintended memory locations, and consequently execute arbitrary code, via crafted JavaScript.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | seamonkey | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-19,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | thunderbird | 31.3 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 31.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | thunderbird | 31.1.2 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the ots::ots_gasp_parse function.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| opentype_sanitiser_project | opentype_sanitiser | * |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo library for image drawing.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a restyle or reflow operation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | thunderbird | 31.3 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 31.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | thunderbird | 31.1.2 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36.0, when a nonstandard memory allocator is used, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote attackers to cause a denial of service (application crash) via crafted WebGL content.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| redhat | enterprise_linux | 6.0 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| redhat | enterprise_linux | 5 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | thunderbird | 31.3 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 31.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | thunderbird | 31.1.2 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.509 certificate for a domain with this character.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) the current working directory or (2) a temporary directory, as demonstrated by bcrypt.dll.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| opensuse | evergreen | 11.4 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | thunderbird | 31.3 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 31.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | thunderbird | 31.1.2 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| canonical | ubuntu_linux | 14.10 |
| mozilla | firefox | 3.0.4 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.8 |
| mozilla | firefox | 3.6.10 |
| mozilla | firefox | 20.0 |
| mozilla | firefox | 3.5.7 |
| mozilla | firefox | 3.6.23 |
| mozilla | firefox | 2.0.0.6 |
| mozilla | firefox | 2.0.0.17 |
| mozilla | firefox | 6.0 |
| mozilla | firefox | 3.5.16 |
| mozilla | firefox | 3.6.27 |
| mozilla | firefox | 1.0.3 |
| mozilla | firefox | 3.5.18 |
| mozilla | firefox | 1.4.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 0.1 |
| mozilla | firefox | 19.0.2 |
| mozilla | firefox | 32.0 |
| mozilla | firefox | 3.5.1 |
| mozilla | firefox | 11.0 |
| mozilla | firefox | 3.0.15 |
| mozilla | firefox | 17.0.4 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 2.0.0.4 |
| mozilla | firefox | 2.0.0.8 |
| mozilla | firefox | 1.5.1 |
| mozilla | firefox | 2.0.0.15 |
| mozilla | firefox | 27.0.1 |
| mozilla | firefox | 7.0.1 |
| mozilla | firefox | 25.0.1 |
| mozilla | firefox | 18.0.1 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 2.0.0.13 |
| mozilla | firefox | 29.0.1 |
| mozilla | firefox | 0.5 |
| mozilla | firefox | 2.0.0.11 |
| mozilla | firefox | 17.0.6 |
| mozilla | firefox | 2.0.0.16 |
| mozilla | firefox | 16.0.2 |
| mozilla | firefox | 2.0.0.9 |
| mozilla | thunderbird | * |
| mozilla | firefox | 3.5.15 |
| mozilla | firefox | 27.0 |
| mozilla | firefox | 1.5.0.12 |
| mozilla | firefox | 0.7.1 |
| mozilla | firefox | 3.0.10 |
| mozilla | firefox | 3.5.19 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 16.0 |
| mozilla | firefox | 3.6.24 |
| mozilla | firefox | 10.0.3 |
| mozilla | firefox | 1.5.5 |
| mozilla | firefox | 0.6 |
| mozilla | firefox | 29.0 |
| mozilla | firefox | 0.7 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.5.0.10 |
| mozilla | firefox | 17.0.3 |
| mozilla | firefox | 8.0 |
| mozilla | firefox | 12.0 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 3.6.16 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 9.0.1 |
| mozilla | firefox | 17.0.1 |
| mozilla | firefox | 3.6.20 |
| mozilla | firefox | 17.0.2 |
| mozilla | firefox | 2.0.0.5 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 2.0.0.3 |
| mozilla | firefox | 8.0.1 |
| mozilla | firefox | 23.0.1 |
| mozilla | firefox | 3.5.6 |
| mozilla | firefox | 20.0.1 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 3.0.11 |
| mozilla | firefox | 9.0 |
| mozilla | firefox | 3.5.12 |
| mozilla | firefox | 22.0 |
| mozilla | firefox | 10.0.1 |
| mozilla | firefox | 10.0.10 |
| mozilla | firefox | 2.0.0.12 |
| mozilla | firefox | 18.0.2 |
| mozilla | firefox | 3.5.10 |
| mozilla | firefox | 1.5.0.9 |
| mozilla | firefox | 3.6.19 |
| mozilla | firefox | 24.1.1 |
| mozilla | firefox | 0.3 |
| mozilla | firefox | 23.0 |
| mozilla | firefox | 3.6.15 |
| mozilla | firefox | 19.0 |
| mozilla | firefox | 1.8 |
| mozilla | firefox | 4.0.1 |
| mozilla | firefox | 0.2 |
| mozilla | firefox | 2.0.0.14 |
| mozilla | firefox | 3.5.5 |
| mozilla | firefox | 17.0.5 |
| mozilla | firefox | 2.0.0.20 |
| mozilla | firefox | 10.0.8 |
| mozilla | firefox | 3.5.9 |
| mozilla | firefox | 28.0 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 2.0.0.19 |
| mozilla | firefox | 3.6.26 |
| mozilla | firefox | 3.5.2 |
| mozilla | firefox | * |
| mozilla | firefox | 0.6.1 |
| mozilla | firefox | 3.6.25 |
| mozilla | firefox | 17.0.11 |
| mozilla | firefox | 10.0.7 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 3.6.14 |
| mozilla | firefox | 3.0.7 |
| mozilla | firefox | 3.0.16 |
| mozilla | firefox | 19.0.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 2.0.0.2 |
| mozilla | firefox | 3.6.9 |
| mozilla | firefox | 3.6.4 |
| mozilla | firefox | 25.0 |
| mozilla | firefox | 3.5.8 |
| mozilla | firefox | 3.0.8 |
| mozilla | thunderbird | 31.0 |
| mozilla | firefox | 30.0 |
| mozilla | firefox | 3.5.14 |
| mozilla | firefox | 10.0.2 |
| mozilla | firefox | 3.5.17 |
| mozilla | firefox | 3.0.6 |
| mozilla | firefox | 7.0 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 14.0 |
| mozilla | firefox | 3.0.18 |
| mozilla | firefox | 1.5.0.11 |
| mozilla | firefox | 3.0.1 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 3.6.22 |
| mozilla | firefox | 17.0.10 |
| mozilla | firefox | 33.0 |
| mozilla | firefox | 5.0.1 |
| mozilla | firefox | 3.6.17 |
| mozilla | firefox | 10.0.9 |
| mozilla | firefox | 10.0.12 |
| mozilla | firefox | 3.6.13 |
| mozilla | firefox | 21.0 |
| mozilla | firefox | 3.5.13 |
| mozilla | firefox | 1.5.4 |
| mozilla | firefox | 3.0.3 |
| mozilla | firefox | 3.5.11 |
| mozilla | firefox | 34.0.5 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 17.0 |
| mozilla | firefox | 5.0 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.8 |
| mozilla | firefox | 10.0.11 |
| mozilla | firefox | 3.0.14 |
| mozilla | firefox | 4.0 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 24.1 |
| mozilla | firefox | 1.5.2 |
| mozilla | firefox | 3.6.6 |
| mozilla | firefox | 3.6.28 |
| mozilla | firefox | 24.0 |
| mozilla | firefox | 3.0.19 |
| mozilla | firefox | 2.0.0.10 |
| mozilla | firefox | 3.6.8 |
| mozilla | firefox | 3.6.11 |
| mozilla | firefox | 3.6.3 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 3.0.2 |
| mozilla | firefox | 3.0 |
| mozilla | firefox | 2.0.0.18 |
| mozilla | thunderbird | 31.3 |
| mozilla | firefox | 3.6.12 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox | 10.0 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.5.6 |
| mozilla | firefox | 3.6.18 |
| mozilla | firefox | 15.0.1 |
| mozilla | firefox | 3.6.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.8 |
| mozilla | firefox | 3.6.7 |
| mozilla | firefox | 3.0.17 |
| mozilla | firefox | 13.0.1 |
| mozilla | firefox | 3.0.9 |
| mozilla | firefox | 13.0 |
| mozilla | firefox | 3.0.12 |
| mozilla | firefox | 3.6 |
| mozilla | firefox | 2.0.0.7 |
| mozilla | firefox | 3.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 3.6.21 |
| mozilla | firefox | 3.0.4 |
| mozilla | firefox | 1.5.0.7 |
| mozilla | firefox | 17.0.7 |
| mozilla | firefox | 3.5.3 |
| mozilla | firefox | 2.0 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 10.0.6 |
| mozilla | firefox | 1.5.3 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox | 3.5.4 |
| mozilla | firefox | 17.0.9 |
| mozilla | firefox | 3.0.5 |
| mozilla | firefox | 0.9.2 |
| mozilla | thunderbird | 31.2 |
| mozilla | firefox | 17.0.8 |
| mozilla | firefox | 15.0 |
| mozilla | firefox | 18.0 |
| mozilla | firefox | 10.0.5 |
| mozilla | firefox | 16.0.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 6.0.1 |
| mozilla | firefox | 0.4 |
| mozilla | firefox | 14.0.1 |
| mozilla | firefox | 2.0.0.1 |
| mozilla | firefox | 10.0.4 |
| mozilla | firefox | 26.0 |
| mozilla | thunderbird | 31.1.2 |
| mozilla | firefox | 1.5.7 |
| mozilla | firefox | 6.0.2 |
| mozilla | firefox | 3.0.13 |
| mozilla | firefox | 31.0 |
Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via a crafted plugin that does not properly complete initialization.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.5.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox | * |
| novell | suse_linux_enterprise_server | 12.0 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.5.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a URL, as demonstrated by a private path component.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.5.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that has a required permission for reading a log, as demonstrated by the READ_LOGS permission for the mixed-content violation log on Android 4.0 and earlier.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.5.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IFRAME element referencing a different web site that is intended to read this data.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
The update implementation in Mozilla Firefox before 38.0 on Windows does not ensure that the pathname for updater.exe corresponds to the application directory, which might allow local users to gain privileges via a Trojan horse file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novell | suse_linux_enterprise_desktop | 12.0 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | network_security_services | 3.19 |
| canonical | ubuntu_linux | 15.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| debian | debian_linux | 7.0 |
| novell | suse_linux_enterprise_server | 11 |
| oracle | vm_server | 3.2 |
| novell | suse_linux_enterprise_server | 12.0 |
| oracle | solaris | 11.3 |
| debian | debian_linux | 8.0 |
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| canonical | ubuntu_linux | 15.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novell | suse_linux_enterprise_desktop | 12.0 |
| novell | suse_linux_enterprise_server | 11 |
| mozilla | firefox | * |
| novell | suse_linux_enterprise_server | 12.0 |
| oracle | solaris | 11.3 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0 |
The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox_esr | 31.6.0 |
| mozilla | firefox | 31.3.0 |
| novell | suse_linux_enterprise_server | 11 |
| mozilla | firefox | * |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox | 31.5.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox_esr | 31.6.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 7.0 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| novell | suse_linux_enterprise_server | 11 |
| oracle | vm_server | 3.2 |
| novell | suse_linux_enterprise_server | 12.0 |
| oracle | solaris | 11.3 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | network_security_services | * |
| debian | debian_linux | 8.0 |
Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox_esr | 31.6.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.3 |
| novell | suse_linux_enterprise_desktop | 11 |
| mozilla | firefox_esr | 31.6.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox | 31.5.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| suse | linux_enterprise_desktop | 12 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| suse | linux_enterprise_software_development_kit | 12 |
| mozilla | firefox_esr | 31.3 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| suse | suse_linux_enterprise_server | 12 |
| mozilla | firefox | 31.1.1 |
| suse | linux_enterprise_server | 11 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.7.0 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| canonical | ubuntu_linux | 15.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| canonical | ubuntu_linux | 15.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| suse | linux_enterprise_desktop | 12 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| suse | linux_enterprise_software_development_kit | 12 |
| mozilla | firefox_esr | 31.3 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| suse | suse_linux_enterprise_server | 12 |
| mozilla | firefox | 31.1.1 |
| suse | linux_enterprise_server | 11 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.7.0 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| suse | linux_enterprise_desktop | 12 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| suse | linux_enterprise_software_development_kit | 12 |
| mozilla | firefox_esr | 31.3 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| suse | suse_linux_enterprise_server | 12 |
| mozilla | firefox | 31.1.1 |
| suse | linux_enterprise_server | 11 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.7.0 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| canonical | ubuntu_linux | 15.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| canonical | ubuntu_linux | 15.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| canonical | ubuntu_linux | 14.10 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 do not enforce key pinning upon encountering an X.509 certificate problem that generates a user dialog, which allows user-assisted man-in-the-middle attackers to bypass intended access restrictions by triggering a (1) expired certificate or (2) mismatched hostname for a domain with pinning enabled.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.5.1 |
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox_esr | 31.6.0 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 31.5.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox | 31.0 |
Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 31.2 |
| mozilla | firefox_esr | 31.4 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 31.5.3 |
| mozilla | firefox_esr | 31.3 |
| mozilla | firefox | 31.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 31.5.1 |
| mozilla | firefox_esr | 31.5 |
| mozilla | firefox | 31.1.1 |
| mozilla | firefox | 31.5.2 |
| mozilla | firefox_esr | 31.1.0 |
| mozilla | firefox_esr | 31.5.1 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_esr | 31.3.0 |
| mozilla | firefox_esr | 31.7.0 |
| mozilla | firefox_esr | 31.5.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| mozilla | firefox | 31.5.3 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 31.6.0 |
| novell | suse_linux_enterprise_server | 11 |
| novell | suse_linux_enterprise_server | 12.0 |
| mozilla | firefox_esr | 31.0 |
| mozilla | firefox_esr | 31.1.1 |
| oracle | solaris | 11.3 |
| mozilla | firefox_esr | 31.1 |
| mozilla | firefox | 31.1.0 |
| mozilla | firefox | 31.0 |
Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the tab view.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
Multiple cross-site scripting (XSS) vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML via the (1) name or (2) title field in card content associated with a search link that is mishandled after a HOME button press or a Show Windows action, as demonstrated by embedding an arbitrary application or spoofing the account-creation page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| suse | linux_enterprise_desktop | 12 |
| chrome | - | |
| oracle | jrockit | r28.3.6 |
| opera | opera_browser | - |
| oracle | jre | 1.8.0 |
| suse | linux_enterprise_software_development_kit | 12 |
| mozilla | firefox_esr | 38.1.0 |
| debian | debian_linux | 7.0 |
| mozilla | thunderbird | 38.1 |
| oracle | jdk | 1.8.0 |
| microsoft | internet_explorer | - |
| mozilla | seamonkey | 2.35 |
| suse | suse_linux_enterprise_server | 12 |
| apple | mac_os_x | * |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | - |
| oracle | sparc-opl_service_processor | * |
| oracle | jre | 1.6.0 |
| oracle | jdk | 1.6.0 |
| hp | hp-ux | b.11.31 |
| mozilla | network_security_services | 3.19 |
| apple | safari | - |
| canonical | ubuntu_linux | 15.04 |
| canonical | ubuntu_linux | 14.10 |
| apple | iphone_os | * |
| ibm | content_manager | 8.5 |
| canonical | ubuntu_linux | 14.04 |
| openssl | openssl | * |
| suse | linux_enterprise_server | 11.0 |
| mozilla | firefox_esr | 31.8 |
| oracle | jre | 1.7.0 |
| mozilla | firefox | 39.0 |
| oracle | jdk | 1.7.0 |
| debian | debian_linux | 8.0 |
| mozilla | thunderbird | 31.8 |
| mozilla | firefox_os | 2.2 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.1.0 |
| debian | debian_linux | 8.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.0 |
mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.0 |
Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection mechanism via a feed: URL in a POST request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to cause a denial of service (application crash) by leveraging the use of shared memory and accessing (1) an Atomics object or (2) a SharedArrayBuffer object.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
| mozilla | firefox | 38.1.0 |
Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator self assignment.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox_os | 2.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
| mozilla | firefox | 38.1.0 |
The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
| mozilla | firefox | 38.1.0 |
The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 15.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| canonical | ubuntu_linux | 12.04 |
| oracle | solaris | 11.3 |
| canonical | ubuntu_linux | 15.04 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.1.0 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| redhat | enterprise_linux_eus | 7.1 |
| suse | linux_enterprise_desktop | 12 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | 38.0 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_eus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_eus | 7.7 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| suse | linux_enterprise_software_development_kit | 12 |
| mozilla | firefox_esr | 38.1.0 |
| redhat | enterprise_linux_server_aus | 7.7 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| suse | linux_enterprise_debuginfo | 11 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| suse | linux_enterprise_desktop | 11 |
| suse | linux_enterprise_server | 11 |
| redhat | enterprise_linux_server_tus | 7.3 |
| mozilla | firefox_esr | 38.0.1 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_eus | 7.5 |
| redhat | enterprise_linux_desktop | 6.0 |
| suse | linux_enterprise_software_development_kit | 11 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| mozilla | firefox_os | * |
| redhat | enterprise_linux_eus | 6.7 |
| mozilla | firefox_esr | 38.0.5 |
| canonical | ubuntu_linux | 15.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| suse | linux_enterprise_server | 12 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| novell | suse_linux_enterprise_server | 12.0 |
| oracle | solaris | 11.3 |
| redhat | enterprise_linux_server_tus | 7.7 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_eus | 7.2 |
| redhat | enterprise_linux_eus | 7.6 |
Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | solaris | 11.3 |
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 40.0.2 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.0 |
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.0 |
Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary domain name by placing that name in a substring of an address, as demonstrated by truncation of an @mozilla.com.example.com address to an @mozilla.com address.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 4.0.16 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 4.2.12 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 4.4.6 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.4.9 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 5.0 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 4.2.14 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 4.4.7 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 4.2.13 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 4.2.11 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.4.8 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.2.4 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.
CVSS 2.0
Severity: LOW
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass Storage (UMS) media volumes by using the USB interface for a mount operation.
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | network_security_services | 3.20.0 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | network_security_services | * |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | glassfish_server | 2.1.1 |
| mozilla | network_security_services | 3.20.0 |
| oracle | opensso | 3.0-0.7 |
| oracle | iplanet_web_server | 7.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | network_security_services | * |
| mozilla | firefox | 38.0 |
| mozilla | firefox | * |
| oracle | traffic_director | 11.1.1.7.0 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| oracle | traffic_director | 11.1.1.9.0 |
| mozilla | firefox | 38.1.0 |
| oracle | iplanet_web_proxy_server | 4.0 |
| mozilla | firefox | 38.1.1 |
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | network_security_services | 3.20.0 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | network_security_services | * |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved HTML document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via inline JavaScript code that is executed within a third-party extension.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The Search feature in Mozilla Firefox before 42.0 on Android through 4.4 supports search-engine URL registration through an intent and can access this URL in a privileged context in conjunction with the crash reporter, which allows attackers to read log files and visit file: URLs of HTML documents via a crafted application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS (UXSS)."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using an NSAccessibilityIndexAttribute value to reference a row index.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack of a preflight-request step.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Java applet that deallocates an in-use JavaScript wrapper.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted texture data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox | 38.1.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.1.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 41.0 |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 41.0.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 41.0.1 |
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.1.1 |
Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls, a related issue to CVE-2015-1300.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.1.1 |
Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.1.1 |
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.1.1 |
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.1.1 |
The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure after a rethrow.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length miscalculation and incorrect memory allocation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox | 38.3.0 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox | 38.1.1 |
The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| fedoraproject | fedora | 23 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| fedoraproject | fedora | 22 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 41.0 does not properly restrict the availability of High Resolution Time API times, which allows remote attackers to track last-level cache access, and consequently obtain sensitive information, via crafted JavaScript code that makes performance.now calls.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-19,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | network_security_services | * |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| canonical | ubuntu_linux | 15.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| canonical | ubuntu_linux | 14.04 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2, when a local dot configuration is used, allows remote attackers to inject arbitrary web script or HTML via a crafted bug summary.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 4.2.15 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 4.0.14 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 3.4.14 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 4.2.10 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 4.0.16 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 4.2.12 |
| mozilla | bugzilla | 4.4.6 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 4.0.15 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.4.9 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 5.0 |
| mozilla | bugzilla | 4.0.17 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 4.2.14 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.4.7 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 4.2.13 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 4.0.18 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 4.2.11 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 5.0.1 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.4.8 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 4.4.10 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.2.4 |
Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2 does not properly construct CSV files, which allows remote attackers to obtain sensitive information by leveraging a web browser that interprets CSV data as JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 4.2.15 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 4.0.14 |
| mozilla | bugzilla | 2.14.5 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 3.4.14 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.14 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.14.1 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 4.2.10 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 4.0.16 |
| mozilla | bugzilla | 2.14.4 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 4.2.12 |
| mozilla | bugzilla | 4.4.6 |
| mozilla | bugzilla | 2.12 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 4.0.15 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.0 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.4.9 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 5.0 |
| mozilla | bugzilla | 4.0.17 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 4.2.14 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.4.7 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 2.10 |
| mozilla | bugzilla | 4.2.13 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 4.0.18 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 4.2.11 |
| mozilla | bugzilla | 2.14.2 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 5.0.1 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.4.8 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.14.3 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 4.4.10 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 4.2.4 |
Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted web site that is mishandled during "Add to home screen" bookmarking.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering many passcode guesses.
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_os | * |
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| suse | linux_enterprise_software_development_kit | 11 |
| mcafee | policy_auditor | * |
| canonical | ubuntu_linux | 12.04 |
| suse | linux_enterprise_desktop | 12 |
| python | python | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| suse | linux_enterprise_server | 12 |
| canonical | ubuntu_linux | 14.04 |
| suse | linux_enterprise_software_development_kit | 12 |
| opensuse | leap | 42.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| suse | linux_enterprise_debuginfo | 11 |
| libexpat_project | libexpat | * |
| apple | mac_os_x | * |
| suse | studio_onsite | 1.3 |
| suse | linux_enterprise_server | 11 |
| debian | debian_linux | 8.0 |
Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| libevent_project | libevent | * |
| mozilla | firefox | 52.0 |
| debian | debian_linux | 8.0 |
Nunjucks is a full featured templating engine for JavaScript. Versions 2.4.2 and lower have a cross site scripting (XSS) vulnerability in autoescape mode. In autoescape mode, all template vars should automatically be escaped. By using an array for the keys, such as `name[]=<script>alert(1)</script>`, it is possible to bypass autoescaping and inject content into the DOM.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | nunjucks | * |
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| fedoraproject | fedora | 22 |
| debian | debian_linux | 7.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.5.2 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 38.5.1 |
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| fedoraproject | fedora | 22 |
| debian | debian_linux | 7.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| sil | graphite2 | 1.2.4 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.5.2 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 38.5.1 |
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| fedoraproject | fedora | 22 |
| debian | debian_linux | 7.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| sil | graphite2 | 1.2.4 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.5.2 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 38.5.1 |
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| fedoraproject | fedora | 22 |
| debian | debian_linux | 7.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| sil | graphite2 | 1.2.4 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.5.2 |
| fedoraproject | fedora | 23 |
| mozilla | firefox | 38.4.0 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 38.5.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GIF image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | nss | * |
| opensuse | leap | 42.1 |
Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7208.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| android | * |
The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| apple | mac_os_x | * |
Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a (1) wyciwyg: URI or (2) resource: URI.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-17,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 43.0.4 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| android | * | |
| opensuse | leap | 42.1 |
The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 43.0.4 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 43.0.4 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a denial of service (integer overflow and buffer overflow) or possibly have unspecified other impact via crafted metadata.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-19,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 43.0.3 |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 15.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 43.0.1 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 43.0 |
| mozilla | firefox | 43.0.4 |
| mozilla | firefox | 43.0.2 |
Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 43.0.4 |
| android | * |
Mozilla Firefox before 44.0.2 does not properly restrict the interaction between Service Workers and plugins, which allows remote attackers to bypass the Same Origin Policy via a crafted web site that triggers spoofed responses to requests that use NPAPI, as demonstrated by a request for a crossdomain.xml file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | glassfish_server | 2.1.1 |
| oracle | linux | 6 |
| oracle | linux | 7 |
| oracle | iplanet_web_server | 7.0 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | network_security_services | 3.21 |
| mozilla | network_security_services | 3.20 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| oracle | vm_server | 3.2 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| apple | mac_os_x | * |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| oracle | iplanet_web_proxy_server | 4.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| apple | tvos | * |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | network_security_services | 3.20.1 |
| apple | iphone_os | * |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | network_security_services | 3.19.2 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| apple | watchos | * |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | netscape_portable_runtime | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The FileReader class in Mozilla Firefox before 45.0 allows local users to gain privileges or cause a denial of service (memory corruption) by changing a file during a FileReader API read operation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and performance.getEntries calls after restoring a browser session. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7207.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.4.0 |
| sil | graphite2 | * |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.5.1 |
| mozilla | firefox | 38.1.1 |
Integer underflow in the srtp_unprotect function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Race condition in the GetStaticInstance function in the WebRTC implementation in Mozilla Firefox before 45.0 might allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| oracle | linux | 5.0 |
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| webrtc_project | webrtc | - |
Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| webrtc_project | webrtc | - |
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | network_security_services | * |
Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services (NSS) before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | network_security_services | * |
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-19,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2800.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-19,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2801.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.2.0 |
| sil | graphite2 | * |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| oracle | linux | 5.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | 3.4.2 |
| mozilla | bugzilla | 2.2 |
| mozilla | bugzilla | 4.4.2 |
| mozilla | bugzilla | 3.3 |
| mozilla | bugzilla | 3.4.5 |
| mozilla | bugzilla | 4.4.4 |
| mozilla | bugzilla | 3.0.11 |
| mozilla | bugzilla | 2.16.4 |
| mozilla | bugzilla | 3.7 |
| mozilla | bugzilla | 4.2.1 |
| mozilla | bugzilla | 2.18.9 |
| mozilla | bugzilla | 4.1.1 |
| mozilla | bugzilla | 2.21.1 |
| mozilla | bugzilla | 2.16.9 |
| mozilla | bugzilla | 4.3.1 |
| mozilla | bugzilla | 2.16 |
| mozilla | bugzilla | 4.2.8 |
| mozilla | bugzilla | 3.2.8 |
| mozilla | bugzilla | 4.0.8 |
| mozilla | bugzilla | 4.4.1 |
| mozilla | bugzilla | 3.0.4 |
| mozilla | bugzilla | 2.18.2 |
| mozilla | bugzilla | 4.0.3 |
| mozilla | bugzilla | 4.2.10 |
| mozilla | bugzilla | 3.0.10 |
| mozilla | bugzilla | 3.0.3 |
| mozilla | bugzilla | 4.3 |
| mozilla | bugzilla | 3.5 |
| mozilla | bugzilla | 5.0.2 |
| mozilla | bugzilla | 4.1 |
| mozilla | bugzilla | 2.16.3 |
| mozilla | bugzilla | 3.4.3 |
| mozilla | bugzilla | 3.4.13 |
| mozilla | bugzilla | 4.2.12 |
| mozilla | bugzilla | 2.23.3 |
| mozilla | bugzilla | 4.0.15 |
| mozilla | bugzilla | 3.0.8 |
| mozilla | bugzilla | 3.4.12 |
| mozilla | bugzilla | 2.20.2 |
| mozilla | bugzilla | 3.6.7 |
| mozilla | bugzilla | 2.18.4 |
| mozilla | bugzilla | 2.21.2 |
| mozilla | bugzilla | 4.5.5 |
| mozilla | bugzilla | 2.20 |
| mozilla | bugzilla | 2.20.3 |
| mozilla | bugzilla | 4.0.6 |
| mozilla | bugzilla | 2.22.6 |
| mozilla | bugzilla | 4.0.9 |
| mozilla | bugzilla | 4.1.3 |
| mozilla | bugzilla | 2.18.8 |
| mozilla | bugzilla | 4.0.2 |
| mozilla | bugzilla | 4.2.3 |
| mozilla | bugzilla | 3.4 |
| mozilla | bugzilla | 3.5.2 |
| mozilla | bugzilla | 5.0 |
| mozilla | bugzilla | 4.0.17 |
| mozilla | bugzilla | 4.2.14 |
| mozilla | bugzilla | 2.18.6+ |
| mozilla | bugzilla | 4.4.7 |
| mozilla | bugzilla | 3.2 |
| mozilla | bugzilla | 4.0.7 |
| mozilla | bugzilla | 4.2.7 |
| mozilla | bugzilla | 2.17.2 |
| mozilla | bugzilla | 3.2.10 |
| mozilla | bugzilla | 2.17.7 |
| mozilla | bugzilla | 3.4.8 |
| mozilla | bugzilla | 4.2.13 |
| mozilla | bugzilla | 2.22.2 |
| mozilla | bugzilla | 3.6.5 |
| mozilla | bugzilla | 3.6.13 |
| mozilla | bugzilla | 2.19 |
| mozilla | bugzilla | 2.6 |
| mozilla | bugzilla | 2.16.2 |
| mozilla | bugzilla | 4.2.5 |
| mozilla | bugzilla | 2.22.3 |
| mozilla | bugzilla | 4.2.9 |
| mozilla | bugzilla | 3.1.1 |
| mozilla | bugzilla | 3.4.4 |
| mozilla | bugzilla | 4.4.3 |
| mozilla | bugzilla | 4.4.11 |
| mozilla | bugzilla | 2.16.7 |
| mozilla | bugzilla | 2.20.4 |
| mozilla | bugzilla | 4.3.3 |
| mozilla | bugzilla | 4.2.2 |
| mozilla | bugzilla | 3.3.4 |
| mozilla | bugzilla | 2.17.5 |
| mozilla | bugzilla | 3.2.6 |
| mozilla | bugzilla | 2.16.8 |
| mozilla | bugzilla | 3.4.9 |
| mozilla | bugzilla | 4.0 |
| mozilla | bugzilla | 2.18.7 |
| mozilla | bugzilla | 4.2.4 |
| mozilla | bugzilla | 3.0.0 |
| mozilla | bugzilla | 3.4.1 |
| mozilla | bugzilla | 3.6.2 |
| mozilla | bugzilla | 2.23.4 |
| mozilla | bugzilla | 4.2.15 |
| mozilla | bugzilla | 4.3.2 |
| mozilla | bugzilla | 3.2.9 |
| mozilla | bugzilla | 3.6.10 |
| mozilla | bugzilla | 3.1.3 |
| mozilla | bugzilla | 4.0.14 |
| mozilla | bugzilla | 3.6.8 |
| mozilla | bugzilla | 3.4.14 |
| mozilla | bugzilla | 2.18.1 |
| mozilla | bugzilla | 3.6.1 |
| mozilla | bugzilla | 2.17 |
| mozilla | bugzilla | 3.0.9 |
| mozilla | bugzilla | 2.18.3 |
| mozilla | bugzilla | 2.22.4 |
| mozilla | bugzilla | 4.4.5 |
| mozilla | bugzilla | 4.5.4 |
| mozilla | bugzilla | 3.6.9 |
| mozilla | bugzilla | 3.4.10 |
| mozilla | bugzilla | 3.7.2 |
| mozilla | bugzilla | 4.5.6 |
| mozilla | bugzilla | 2.16.6 |
| mozilla | bugzilla | 3.0.1 |
| mozilla | bugzilla | 2.19.1 |
| mozilla | bugzilla | 3.6.3 |
| mozilla | bugzilla | 4.1.2 |
| mozilla | bugzilla | 3.2.4 |
| mozilla | bugzilla | 3.2.1 |
| mozilla | bugzilla | 4.4 |
| mozilla | bugzilla | 2.22.1 |
| mozilla | bugzilla | 3.0.5 |
| mozilla | bugzilla | 2.16.10 |
| mozilla | bugzilla | 2.18.5 |
| mozilla | bugzilla | 2.16.1 |
| mozilla | bugzilla | 2.19.3 |
| mozilla | bugzilla | 3.0 |
| mozilla | bugzilla | 4.2.6 |
| mozilla | bugzilla | 4.0.16 |
| mozilla | bugzilla | 3.5.3 |
| mozilla | bugzilla | 3.3.3 |
| mozilla | bugzilla | 2.19.2 |
| mozilla | bugzilla | 4.0.13 |
| mozilla | bugzilla | 2.9 |
| mozilla | bugzilla | 3.4.11 |
| mozilla | bugzilla | 2.23.1 |
| mozilla | bugzilla | 4.4.6 |
| mozilla | bugzilla | 2.23.2 |
| mozilla | bugzilla | 2.18.6 |
| mozilla | bugzilla | 4.5.1 |
| mozilla | bugzilla | 4.5.2 |
| mozilla | bugzilla | 2.18 |
| mozilla | bugzilla | 3.0.2 |
| mozilla | bugzilla | 2.17.1 |
| mozilla | bugzilla | 2.20.7 |
| mozilla | bugzilla | 3.6.4 |
| mozilla | bugzilla | 2.17.6 |
| mozilla | bugzilla | 4.0.12 |
| mozilla | bugzilla | 2.20.6 |
| mozilla | bugzilla | 4.0.10 |
| mozilla | bugzilla | 3.2.2 |
| mozilla | bugzilla | 3.0.7 |
| mozilla | bugzilla | 3.2.5 |
| mozilla | bugzilla | 3.1.0 |
| mozilla | bugzilla | 3.2.7 |
| mozilla | bugzilla | 2.16.11 |
| mozilla | bugzilla | 3.4.7 |
| mozilla | bugzilla | 3.6.0 |
| mozilla | bugzilla | 3.6.11 |
| mozilla | bugzilla | 3.6.6 |
| mozilla | bugzilla | 4.0.11 |
| mozilla | bugzilla | 4.4.9 |
| mozilla | bugzilla | 2.22.5 |
| mozilla | bugzilla | 3.6 |
| mozilla | bugzilla | 3.1.4 |
| mozilla | bugzilla | 2.23 |
| mozilla | bugzilla | 3.3.2 |
| mozilla | bugzilla | 2.16.5 |
| mozilla | bugzilla | 3.7.3 |
| mozilla | bugzilla | 2.17.4 |
| mozilla | bugzilla | 4.0.5 |
| mozilla | bugzilla | 3.7.1 |
| mozilla | bugzilla | 4.0.4 |
| mozilla | bugzilla | 4.5.3 |
| mozilla | bugzilla | 3.1.2 |
| mozilla | bugzilla | 2.16_rc2 |
| mozilla | bugzilla | 3.5.1 |
| mozilla | bugzilla | 2.22 |
| mozilla | bugzilla | 2.20.5 |
| mozilla | bugzilla | 3.4.6 |
| mozilla | bugzilla | 4.0.18 |
| mozilla | bugzilla | 2.8 |
| mozilla | bugzilla | 3.0.6 |
| mozilla | bugzilla | 2.21 |
| mozilla | bugzilla | 4.2.11 |
| mozilla | bugzilla | 2.4 |
| mozilla | bugzilla | 5.0.1 |
| mozilla | bugzilla | 2.17.3 |
| mozilla | bugzilla | 3.0_rc1 |
| mozilla | bugzilla | 4.4.8 |
| mozilla | bugzilla | 4.0.1 |
| mozilla | bugzilla | 3.6.12 |
| mozilla | bugzilla | 4.2 |
| mozilla | bugzilla | 2.20.1 |
| mozilla | bugzilla | 3.3.1 |
| mozilla | bugzilla | 3.2.3 |
| mozilla | bugzilla | 2.22.7 |
| mozilla | bugzilla | 4.4.10 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.7.1 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.5.2 |
| mozilla | firefox | 38.7.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | 38.7.1 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.7.0 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox | 45.0.1 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| debian | debian_linux | 8.0 |
| suse | linux_enterprise | 12.0 |
| opensuse | leap | 42.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.7.1 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| suse | linux_enterprise | 12.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.7.0 |
| mozilla | firefox | 45.0.1 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.7.1 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.7.0 |
| mozilla | firefox | 45.0.1 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | 38.0 |
| mozilla | firefox | 38.0.1 |
| mozilla | firefox | 38.0.5 |
| mozilla | firefox_esr | 38.1.0 |
| mozilla | firefox_esr | 38.3.0 |
| mozilla | firefox | * |
| mozilla | firefox | 38.7.1 |
| mozilla | firefox | 38.2.0 |
| mozilla | firefox_esr | 38.2.1 |
| mozilla | firefox_esr | 38.1.1 |
| mozilla | firefox_esr | 38.2.0 |
| mozilla | firefox | 38.1.0 |
| mozilla | firefox_esr | 38.0.1 |
| mozilla | firefox | 38.1.1 |
| mozilla | firefox | 38.6.0 |
| mozilla | firefox | 38.5.0 |
| mozilla | firefox_esr | 38.0.5 |
| mozilla | firefox | 38.2.1 |
| mozilla | firefox | 38.0 |
| mozilla | firefox_esr | 38.4.0 |
| mozilla | firefox | 38.3.0 |
| mozilla | firefox | 38.7.0 |
| mozilla | firefox | 45.0.1 |
| mozilla | firefox | 38.6.1 |
| mozilla | firefox | 38.4.0 |
| mozilla | firefox | 38.5.1 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novell | suse_linux_enterprise_desktop | 12.0 |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox_esr | * |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| novell | suse_linux_enterprise_server | 12.0 |
Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls, which allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted extension that accesses a (1) javascript: or (2) data: URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 45.1.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.2 |
| redhat | enterprise_linux_for_scientific_computing | 6.0 |
| redhat | enterprise_linux_for_power_little_endian_eus | 7.2 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_for_power_big_endian | 7.0 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 45.1.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 5.0 |
| mozilla | firefox_esr | 45.1.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_for_power_big_endian | 5.0 |
| redhat | enterprise_linux_for_ibm_z_systems | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| novell | suse_linux_enterprise_desktop | 12.0 |
| redhat | enterprise_linux_for_power_little_endian | 7.0 |
| redhat | enterprise_linux_for_power_big_endian | 6.0 |
| redhat | enterprise_linux_for_power_big_endian_eus | 7.2 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.2 |
| novell | suse_linux_enterprise_server | 12.0 |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 7.2 |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| redhat | enterprise_linux_for_ibm_z_systems | 7.0 |
| mozilla | firefox_esr | 45.1.1 |
| debian | debian_linux | 8.0 |
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 45.1.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 45.1.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 45.1.0 |
| debian | debian_linux | 8.0 |
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify sharing preferences by leveraging access to the remote-report IFRAME element.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 45.1.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 45.1.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 45.1.0 |
| debian | debian_linux | 8.0 |
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 45.1.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 45.1.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 45.1.0 |
| debian | debian_linux | 8.0 |
The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows, allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by triggering use of a WebGL shader that writes to an array.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 45.1.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 45.1.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 45.1.0 |
| debian | debian_linux | 8.0 |
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| mozilla | firefox | 45.1.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| mozilla | firefox | 45.1.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | firefox_esr | 45.1.0 |
| debian | debian_linux | 8.0 |
Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novell | suse_linux_enterprise_desktop | 12.0 |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 12.04 |
| novell | suse_linux_enterprise_software_development_kit | 12.0 |
| opensuse | opensuse | 13.1 |
| opensuse | opensuse | 13.2 |
| mozilla | network_security_services | * |
| canonical | ubuntu_linux | 14.04 |
| opensuse | leap | 42.1 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| novell | suse_linux_enterprise_server | 12.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-704,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| oracle | linux | 6 |
| oracle | linux | 7 |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
| oracle | linux | 5.0 |
Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | * |
| mozilla | firefox | 45.1.0 |
| mozilla | firefox_esr | 45.1.0 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | 45.0 |
| mozilla | firefox | 45.0.2 |
| mozilla | firefox | * |
| mozilla | firefox | 45.0.1 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | 45.0 |
| mozilla | firefox | 45.0.2 |
| mozilla | firefox | * |
| mozilla | firefox | 45.0.1 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 45.1.1 |
| mozilla | firefox | 45.0 |
| mozilla | firefox | 45.0.2 |
| mozilla | firefox | * |
| mozilla | firefox | 45.0.1 |
| mozilla | firefox | 45.2.0 |
| mozilla | firefox | 45.3.0 |
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| avaya | breeze_platform | * |
| redhat | enterprise_linux | 6.0 |
| avaya | meeting_exchange | 6.2 |
| avaya | ip_office | 9.1 |
| avaya | cs1000e/cs1000m_signaling_server_firmware | * |
| avaya | aura_session_manager | * |
| avaya | aura_conferencing | 7.0 |
| avaya | aura_conferencing | 7.2 |
| debian | debian_linux | 10.0 |
| avaya | aura_communication_manager | 7.0 |
| avaya | call_management_system | * |
| avaya | call_management_system | 17.0 |
| avaya | one-x_client_enablement_services | 6.2 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| avaya | aura_application_enablement_services | 7.0 |
| avaya | message_networking | * |
| suse | linux_enterprise_server | 11 |
| avaya | aura_experience_portal | * |
| avaya | aura_communication_manager_messagint | 7.0 |
| avaya | aura_system_platform_firmware | * |
| avaya | cs1000e_firmware | * |
| avaya | aura_session_manager | 7.0.1 |
| avaya | aura_messaging | 6.3 |
| avaya | aura_application_server_5300 | 3.0 |
| avaya | session_border_controller_for_enterprise_firmware | * |
| redhat | enterprise_linux | 5.0 |
| avaya | aura_messaging | 6.3.3 |
| avaya | aura_application_enablement_services | * |
| avaya | aura_system_manager | * |
| avaya | cs1000m_firmware | * |
| avaya | proactive_contact | * |
| avaya | ip_office | 8.1 |
| avaya | aura_conferencing | 8.0 |
| avaya | aura_communication_manager | * |
| avaya | aura_utility_services | * |
| avaya | ip_office | 10.0 |
| debian | debian_linux | 8.0 |
| mozilla | nss | * |
| avaya | iq | 5.2.x |
| avaya | aura_session_manager | 7.0 |
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox < 49.0.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-275,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| microsoft | edge | - |
| microsoft | internet_explorer | - |
| apple | safari | * |
| chrome | - | |
| opera | opera | - |
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| microsoft | edge | - |
| microsoft | internet_explorer | - |
| apple | safari | * |
| chrome | - | |
| opera | opera_browser | - |
It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-358,CWE-320,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| mozilla | network_security_services | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_tus | 7.3 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-275,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| python | python | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 10.0 |
Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox < 50.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 50.0 |
| mozilla | firefox | 49.0 |
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| torproject | tor | - |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-325,CWE-384,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | * |
Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_aus | 7.4 |
| redhat | enterprise_linux_aus | 7.3 |
| redhat | enterprise_linux_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_eus | 7.5 |
The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context. This vulnerability affects Firefox < 50.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | - |
Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | - |
The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | - |
Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | - |
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| r2mail2 | r2mail2 | - |
| flipdogsolutions | maildroid | - |
| horde | horde_imp | - |
| emclient | emclient | - |
| microsoft | outlook | 2007 |
| postbox-inc | postbox | - |
| apple | - | |
| bloop | airmail | - |
| freron | mailmate | - |
| roundcube | webmail | - |
| mozilla | thunderbird | - |
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| flipdogsolutions | maildroid | - |
| postbox-inc | postbox | - |
| apple | - | |
| gnome | evolution | - |
| mozilla | thunderbird | - |
| microsoft | outlook | 2016 |
| kde | kmail | - |
| kde | trojita | - |
| gmail | - | |
| r2mail2 | r2mail2 | - |
| microsoft | outlook | 2010 |
| horde | horde_imp | - |
| microsoft | outlook | 2013 |
| emclient | emclient | - |
| microsoft | outlook | 2007 |
| bloop | airmail | - |
| ibm | notes | - |
| freron | mailmate | - |
| 9folders | nine | - |
| ritlabs | the_bat | - |
Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR < 45.7 and Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: LOW
Problem Type: CWE-538,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-770,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed correctly. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to replace files used by Firefox with their own versions. This vulnerability affects Firefox < 51.0.3.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-829,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-388,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1187,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 45.8 and Firefox < 52.
CVSS 2.0
Severity: LOW
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in "libGLES", which is only in use on Windows. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow access to "/private/var" and its subdirectories. Note: this issue only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note: this issue only affects Linux. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox < 52.
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.5 |
Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| mozilla | firefox_esr | * |
| mozilla | firefox | 52.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| mozilla | firefox_esr | * |
| mozilla | firefox | 52.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| sil | graphite2 | - |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-129,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorrectly, making the resulting location less visibly a spoofed site and showing an incorrect domain in appended notifications. This vulnerability affects Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.5 |
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.5 |
When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | * |
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-682,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | firefox | 52.0 |
| mozilla | network_security_services | * |
| debian | debian_linux | 8.0 |
Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting (XSS) attack. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 6.0 |
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox < 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-665,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| mozilla | firefox | 52.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | 3.25.1 |
| mozilla | network_security_services | 3.26.2 |
| mozilla | network_security_services | 3.29.1 |
| mozilla | network_security_services | 3.30.0 |
| mozilla | network_security_services | 3.29.0 |
| mozilla | network_security_services | 3.29.3 |
| mozilla | network_security_services | 3.29.2 |
| mozilla | network_security_services | 3.27.2 |
| mozilla | network_security_services | 3.28.3 |
| mozilla | network_security_services | 3.27.0 |
| mozilla | network_security_services | 3.24.0 |
| mozilla | network_security_services | 3.28.1 |
| mozilla | network_security_services | 3.30.1 |
| mozilla | network_security_services | 3.28.0 |
| mozilla | network_security_services | 3.26.0 |
| mozilla | network_security_services | 3.27.1 |
| mozilla | network_security_services | 3.28.2 |
| mozilla | network_security_services | 3.25.0 |
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin policy. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 54.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| android | - |
The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a special path to the callback parameter through the Mozilla Maintenance Service, allowing the manipulation of files in the installation directory and privilege escalation by manipulating the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-417,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted by the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.
CVSS 2.0
Severity: LOW
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 6.0 |
Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing attacks through character confusion. The current Unicode standard allows characters from "Aspirational Use Scripts" such as Canadian Syllabics to be mixed with Latin characters in the "moderately restrictive" IDN profile. We have changed Firefox behavior to match the upcoming Unicode version 10.0 which removes this category and treats them as "Limited Use Scripts.". This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attack using manipulation of "updater.ini" contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution and deletion by the Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with junk data using the Mozilla Windows Updater, which runs with the Maintenance Service's privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.
CVSS 2.0
Severity: LOW
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox < 54.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| sil | graphite2 | * |
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| sil | graphite2 | * |
Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| sil | graphite2 | * |
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| sil | graphite2 | * |
Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| sil | graphite2 | * |
Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| sil | graphite2 | * |
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,CWE-125,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| sil | graphite2 | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINT_AT_INFINITY" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an incorrect shared secret. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a long user name is used in a username/password combination in a site URL (such as " http://UserName:Password@example.com"), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy (CSP) as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server | 5.0 |
| redhat | enterprise_linux_workstation | 5.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_desktop | 5.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file named "update.log" instead of the one intended. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR < 52.3 and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting (XSS) attack. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 7.0 |
| mozilla | firefox | 52.4.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| mozilla | firefox | 56.0 |
| mozilla | thunderbird | 52.4.0 |
A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-704,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
WebExtensions could use popups and panels in the extension UI to load an "about:" privileged URL, violating security checks that disallow this behavior. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake address bar to be displayed. This allows an attacker to spoof which page is actually loaded and in use. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.2 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox < 56.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_eus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_aus | 7.4 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_eus | 7.5 |
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_eus | 7.4 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_aus | 7.4 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_eus | 7.5 |
The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most font sets. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks because these combined domain names do not display as punycode. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. Note: This attack requires an attacker have local system access and only affects OS X and Linux. Windows systems are not affected. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
SVG loaded through "<img>" tags can use "<meta>" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be used for limited spoofing attacks due to user confusion. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Control characters prepended before "javascript:" URLs pasted in the addressbar can cause the leading characters to be ignored and the pasted JavaScript to be executed instead of being blocked. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks where users are convinced to copy and paste text into the addressbar. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
JavaScript can be injected into an exported bookmarks file by placing JavaScript code into user-supplied tags in saved bookmarks. If the resulting exported HTML file is later opened in a browser this JavaScript will be executed. This could be used in social engineering and self-cross-site-scripting (self-XSS) attacks if users were convinced to add malicious tags to bookmarks, export them, and then open the resulting file. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "<link>" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer on requests. This vulnerability affects Firefox < 57.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox 57. Earlier releases are not affected. This vulnerability affects Firefox < 57.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_eus | 7.4 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 7.0 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_aus | 7.4 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_eus | 7.5 |
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome | - | |
| mozilla | firefox | - |
| lg | nexus_5 | - |
Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability affects Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | thunderbird | 52.9.1 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 14.04 |
An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 14.04 |
Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox < 61.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux | 7.6 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux | 7.5 |
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux | 7.6 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux | 7.5 |
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux | 7.6 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux | 7.5 |
Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 14.04 |
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-610,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion. *This vulnerability only affects Firefox for Android < 62.*
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 62.0 |
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1.
CVSS 2.0
Severity: LOW
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-335,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | * |
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-704,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server | 6.0 |
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. This vulnerability affects Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | leap | 15.0 |
| mozilla | mozjpeg | * |
| fedoraproject | fedora | 28 |
| libjpeg-turbo | libjpeg-turbo | * |
| debian | debian_linux | 8.0 |
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. *Note: This issue only affects Windows operating systems. Other operating systems are not affected.*. This vulnerability affects Firefox < 64.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 65.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox < 65.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 18.10 |
| canonical | ubuntu_linux | 14.04 |
An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_server_tus | 8.6 |
| opensuse | leap | 15.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_tus | 8.2 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| opensuse | leap | 42.3 |
| redhat | enterprise_linux_server | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| redhat | enterprise_linux | 8.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_server_tus | 8.4 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_eus | 8.4 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_aus | 8.4 |
| debian | debian_linux | 8.0 |
In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| siemens | ruggedcom_rox_mx5000_firmware | * |
| siemens | ruggedcom_rox_rx5000_firmware | * |
| siemens | ruggedcom_rox_rx1512_firmware | * |
| siemens | ruggedcom_rox_rx1500_firmware | * |
| siemens | ruggedcom_rox_rx1511_firmware | * |
| mozilla | network_security_services | * |
| siemens | ruggedcom_rox_rx1400_firmware | * |
| siemens | ruggedcom_rox_rx1501_firmware | * |
| siemens | ruggedcom_rox_rx1510_firmware | * |
A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content. This vulnerability affects Thunderbird < 60.5.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
The about:crashcontent and about:crashparent pages can be triggered by web content. These pages are used to crash the loaded page or the browser for test purposes. This issue allows for a non-persistent denial of service (DOS) attack by a malicious site which links to these pages. This vulnerability affects Firefox < 64.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 65.0 |
A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A crash can occur when processing a crafted S/MIME message or an XPI package containing a crafted signature. This can be used as a denial-of-service (DOS) attack because Thunderbird reopens the last seen message on restart, triggering the crash again. This vulnerability affects Thunderbird < 60.5.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Thunderbird < 52.6.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when arguments passed to the "IsPotentiallyScrollable" function are freed while still in use by scripts. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. This can result in an executable file running with local user privileges without explicit user consent. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information could be exposed. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. This could allow for the leaking of private information specific to the private browsing context. This issue is mitigated by the requirement that the user enter the Blob URL manually in order for the access violation to occur. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
An audio capture session can started under an incorrect origin from the site making the capture request. Users are still prompted to allow the request but the prompt can display the wrong origin, leading to user confusion about which site is making the request to capture an audio stream. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If cursor visibility is toggled by script using from 'none' to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. Note: This vulnerability only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When the text of a specially formatted URL is dragged to the addressbar from page content, the displayed URL can be spoofed to show a different site than the one loaded. This allows for phishing attacks where a malicious page can spoof the identify of another site. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should not be able to access, including potentially privileged pages. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-552,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load content over "https:" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If an existing cookie is changed to be "HttpOnly" while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the changed HttpOnly cookie. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the originating site of the authentication request and may cause users to mistakenly send private credential information to a third party site. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different site than the one loaded. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_aus | 7.3 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.3 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through "file:" URLs from the local file system. This loading is blocked by the sandbox but could expose local data if combined with another attack that escapes sandbox protections. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name (IDN) this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A potential integer overflow in the "DoCrypt" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefox < 58.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bugzilla | * |
Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 58. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially exploitable crash. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while browsing. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The Find API for WebExtensions can search some privileged pages, such as "about:debugging", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes a search. This stored preference is also executed whenever an EME video player plugin displays a CDM-disabled message as a notification message. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
WebExtensions may use "view-source:" URLs to view local "file:" URL content, as well as content stored in "about:cache", bypassing restrictions that only allow WebExtensions to view specific content. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
WebExtensions can bypass normal restrictions in some circumstances and use "browser.tabs.executeScript" to inject scripts into contexts where this should not be allowed, such as pages from other WebExtensions or unprivileged "about:" pages. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A legacy extension's non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. This script does this by using a maliciously crafted path string to reference the resources. Note: this vulnerability does not affect WebExtensions. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. Note: this issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Image for moz-icons can be accessed through the "moz-icon:" protocol through script in web content even when otherwise prohibited. This could allow for information leakage of which applications are associated with specific MIME types by a malicious page. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service (DOS) attack or to display unwanted content from arbitrary URLs to users. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If Media Capture and Streams API permission is requested from documents with "data:" or "blob:" URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown protocol" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
URLs using "javascript:" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the "javascript:" URL the protocol is not removed and the script will execute. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Firefox < 59.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_eus | 7.2 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.4 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.4 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 7.4 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server_eus | 7.4 |
| redhat | enterprise_linux_server | 6.0 |
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 7.0 |
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to network traffic to the site through the "webRequest" API. For example, this allows for the interception of username and an encrypted password during login to Firefox Accounts. This issue does not expose synchronization traffic directly and is limited to the process of user login to the website and the data displayed to the user once logged in. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-327,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-311,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process' privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-281,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off. This vulnerability affects Firefox < 60.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display "javascript:" links, which users could be tricked into clicking by malicious sites. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won't prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | thunderbird_esr | * |
A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the "require.js" library that is part of Firefox's Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-772,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with the "noopener" keyword. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This vulnerability affects Firefox < 60.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-326,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-311,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| mozilla | thunderbird_esr | * |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 14.04 |
Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 14.04 |
Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_eus | 7.6 |
| redhat | enterprise_linux_server_aus | 7.6 |
| redhat | enterprise_linux_server_tus | 7.6 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_server_eus | 7.5 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 17.10 |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bleach | 2.1.2 |
| mozilla | bleach | 2.1.1 |
| mozilla | bleach | 2.1 |
In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user's view of the Spark UI. While some browsers like recent versions of Chrome and Safari are able to block this type of attack, current versions of Firefox (and possibly others) do not.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | - |
| apache | spark | * |
| apache | spark | 2.3.0 |
A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-755,CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A custom cursor defined by scripting on a site can position itself over the addressbar to spoof the actual cursor when it should not be allowed outside of the primary web content area. This could be used by a malicious site to trick users into clicking on permission prompts, doorhanger notifications, or other buttons inadvertently if the location is spoofed over the user interface. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Files with the .JNLP extension used for "Java web start" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local system. This could allow users to mistakenly launch an executable binary locally. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If the ALT and "a" keys are pressed when users receive an extension installation prompt, the extension will be installed without the install prompt delay that keeps the prompt visible in order for users to accept or decline the installation. A malicious web page could use this with spoofing on the page to trick users into installing a malicious extension. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A malicious page can briefly cause the wrong name to be highlighted as the domain name in the addressbar during page navigations. This could result in user confusion of which site is currently loaded for spoofing attacks. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The default webcal: protocol handler will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed. *Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.*. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 67.0.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-843,CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| opensuse | leap | 15.0 |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 8.0 |
| suse | package_hub | - |
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 68.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 8.0 |
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Necko can access a child on the wrong thread during UDP connections, resulting in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes to be bypassed. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-116,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| opensuse | leap | 15.0 |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 8.0 |
Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox < 68.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| opensuse | leap | 15.1 |
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| opensuse | leap | 15.0 |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 8.0 |
| suse | package_hub | - |
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. <br>*Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-345,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L | 2.8 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.0 |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 68.1 and Thunderbird < 60.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-319,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| opensuse | leap | 15.0 |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.04 |
A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process. This vulnerability affects Firefox < 69.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-829,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.2 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| siemens | ruggedcom_rox_mx5000_firmware | * |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
| siemens | ruggedcom_rox_rx1501_firmware | * |
| siemens | ruggedcom_rox_rx1510_firmware | * |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_server_aus | 6.6 |
| siemens | ruggedcom_rox_rx5000_firmware | * |
| siemens | ruggedcom_rox_rx1512_firmware | * |
| mozilla | thunderbird | * |
| opensuse | leap | 15.1 |
| siemens | ruggedcom_rox_rx1500_firmware | * |
| debian | debian_linux | 9.0 |
| siemens | ruggedcom_rox_rx1511_firmware | * |
| siemens | ruggedcom_rox_rx1400_firmware | * |
A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-665,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-281,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-843,CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. <br>*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-88,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. <br>*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Firefox < 69, Firefox ESR < 60.9, and Firefox ESR < 68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-354,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox < 69.0.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. Previous versions had only suppressed showing a digital signature for messages with an outer multipart/signed layer. This vulnerability affects Thunderbird < 68.1.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted rather than the 'Click to Play' permission. This vulnerability affects Firefox < 70.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox < 70.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document (cross-site scripting). This is a separate bypass from CVE-2019-17000.*Note: This flaw only affected Firefox 69 and was not present in earlier versions.*. This vulnerability affects Firefox < 70.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 69.0 |
If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox < 70.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| siemens | ruggedcom_rox_mx5000_firmware | * |
| netapp | hci_management_node | - |
| netapp | hci_storage_node | - |
| mozilla | network_security_services | * |
| siemens | ruggedcom_rox_rx1501_firmware | * |
| siemens | ruggedcom_rox_rx1510_firmware | * |
| siemens | ruggedcom_rox_rx5000_firmware | * |
| siemens | ruggedcom_rox_rx1512_firmware | * |
| siemens | ruggedcom_rox_rx1500_firmware | * |
| netapp | hci_compute_node | - |
| netapp | solidfire | - |
| siemens | ruggedcom_rox_rx1511_firmware | * |
| siemens | ruggedcom_rox_rx1400_firmware | * |
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| siemens | ruggedcom_rox_mx5000_firmware | * |
| siemens | ruggedcom_rox_rx5000_firmware | * |
| siemens | ruggedcom_rox_rx1512_firmware | * |
| siemens | ruggedcom_rox_rx1500_firmware | * |
| siemens | ruggedcom_rox_rx1511_firmware | * |
| mozilla | network_security_services | * |
| siemens | ruggedcom_rox_rx1400_firmware | * |
| siemens | ruggedcom_rox_rx1501_firmware | * |
| siemens | ruggedcom_rox_rx1510_firmware | * |
When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | 2.8 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 10.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_server_aus | 7.7 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 10.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_server_aus | 7.7 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. This vulnerability affects Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 19.10 |
| canonical | ubuntu_linux | 19.04 |
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| debian | debian_linux | 10.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_server_aus | 7.7 |
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_tus | 7.7 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_server | 6.0 |
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 19.10 |
| debian | debian_linux | 10.0 |
| canonical | ubuntu_linux | 19.04 |
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_tus | 8.2 |
| canonical | ubuntu_linux | 19.10 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_eus | 7.7 |
| debian | debian_linux | 10.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_server_aus | 7.7 |
| canonical | ubuntu_linux | 16.04 |
| redhat | enterprise_linux | 8.0 |
| mozilla | firefox | * |
| redhat | enterprise_linux_workstation | 6.0 |
| debian | debian_linux | 9.0 |
| redhat | enterprise_linux_server_aus | 8.2 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_server_tus | 8.4 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_workstation | 7.0 |
| redhat | enterprise_linux_eus | 8.2 |
| opensuse | leap | 15.1 |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_tus | 7.7 |
| debian | debian_linux | 8.0 |
Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| canonical | ubuntu_linux | 19.10 |
| canonical | ubuntu_linux | 19.04 |
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-843,CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux_for_scientific_computing | 7.0 |
| redhat | enterprise_linux_for_power_little_endian | 8.0 |
| opensuse | leap | 15.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | java_se | 7u221 |
| redhat | enterprise_linux_for_power_big_endian | 7.0 |
| canonical | ubuntu_linux | 16.04 |
| redhat | enterprise_linux | 7.0 |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 18.10 |
| oracle | jdk | 11.0.3 |
| netapp | active_iq_unified_manager | 9.6 |
| netapp | cloud_backup | - |
| netapp | active_iq_unified_manager | * |
| redhat | enterprise_linux_for_ibm_z_systems | 6.0 |
| mozilla | firefox | - |
| redhat | enterprise_linux_desktop | 6.0 |
| canonical | ubuntu_linux | 18.04 |
| redhat | enterprise_linux_for_power_little_endian | 7.0 |
| libpng | libpng | * |
| oracle | mysql | * |
| hpe | xp7_command_view_advanced_edition_suite | * |
| redhat | enterprise_linux_workstation | 7.0 |
| oracle | jdk | 12.0.1 |
| netapp | e-series_santricity_unified_manager | * |
| opensuse | leap | 15.1 |
| redhat | enterprise_linux_for_ibm_z_systems | 7.0 |
| oracle | java_se | 8u212 |
| netapp | e-series_santricity_storage_manager | * |
| redhat | satellite | 5.8 |
| netapp | e-series_santricity_management | - |
| opensuse | leap | 42.3 |
| mozilla | thunderbird | - |
| redhat | enterprise_linux_for_scientific_computing | 6.0 |
| canonical | ubuntu_linux | 19.04 |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0 |
| netapp | plug-in_for_symantec_netbackup | - |
| netapp | oncommand_insight | * |
| netapp | oncommand_workflow_automation | * |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| netapp | snapmanager | * |
| hp | xp7_command_view | * |
| redhat | enterprise_linux_for_power_big_endian | 6.0 |
| netapp | steelstore | - |
| netapp | e-series_santricity_web_services | * |
| opensuse | package_hub | - |
| oracle | hyperion_infrastructure_technology | 11.2.6.0 |
| debian | debian_linux | 8.0 |
| netapp | snapmanager | 3.4.2 |
Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_tus | 8.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.2 |
Mozilla developers and community members reported memory safety bugs present in Firefox 65. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_tus | 8.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.2 |
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_tus | 8.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.2 |
A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which the range analysis will infer a fully controlled, incorrect range in circumstances where users have explicitly disabled Spectre mitigations. *Note: Spectre mitigations are currently enabled for all users by default settings.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-88,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-617,CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leaves a dangling pointer to the driver's observer array. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service (DOS) attack. This vulnerability affects Firefox < 66.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_eus | 8.1 |
| redhat | enterprise_linux_eus | 8.2 |
| redhat | enterprise_linux_server_tus | 8.4 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| redhat | enterprise_linux_server_aus | 8.4 |
| redhat | enterprise_linux_server_tus | 8.2 |
| redhat | enterprise_linux_eus | 8.4 |
| redhat | enterprise_linux_server_aus | 8.2 |
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| opensuse | leap | 15.0 |
| novell | suse_package_hub_for_suse_linux_enterprise | 12 |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 8.0 |
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.3 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H | 2.8 | 5.8 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox < 67.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 19.10 |
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird < 68.9.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-319,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 19.10 |
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-203,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 9.0 |
| fedoraproject | fedora | 32 |
| opensuse | leap | 15.2 |
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | nss | * |
For native-to-JS bridging the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token could leak when used for downloading files. This vulnerability affects Firefox for iOS < 26.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-345,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox < 77.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox < 77.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox < 77.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
Mozilla developers reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 77.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock icon) while controlling the page contents. This vulnerability affects Firefox < 70.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
IndexedDB should be cleared when leaving private browsing mode and it is not, the API for WKWebViewConfiguration was being used incorrectly and requires the private instance of this object be deleted when leaving private mode. This vulnerability affects Firefox for iOS < 27.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-459,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox < 78.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.2 |
A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.2 |
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-617,CWE-681,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
| opensuse | leap | 15.2 |
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
| opensuse | leap | 15.2 |
When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
| opensuse | leap | 15.2 |
When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-362,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| canonical | ubuntu_linux | 19.10 |
| opensuse | leap | 15.2 |
When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.2 |
When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.* This vulnerability affects Firefox < 78.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.2 |
Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox < 78.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 78.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.2 |
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| libjpeg-turbo | libjpeg-turbo | 2.0.4 |
| mozilla | mozjpeg | 4.0.0 |
If an attacker intercepts Thunderbird's initial attempt to perform automatic account setup using the Microsoft Exchange autodiscovery mechanism, and the attacker sends a crafted response, then Thunderbird sends username and password over https to a server controlled by the attacker. This vulnerability affects Thunderbird < 68.10.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | 2.8 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | * |
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | * |
A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-835,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.2 |
JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.2 |
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-754,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| opensuse | leap | 15.2 |
Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | geckodriver | * |
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with System Privileges. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, and Firefox ESR < 78.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, Firefox ESR < 78.2, and Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status to services or device discovery on a local network among other attacks. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-209,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controlled signing key. This vulnerability affects Firefox < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A lock was missing when accessing a data structure and importing certificate information into the trust database. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-667,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.12 and Thunderbird < 68.12.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox for Android 79. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 80, Firefox ESR < 78.2, Thunderbird < 78.2, and Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-416,CWE-617,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When typing in a password under certain conditions, a race may have occured where the InputContext was not being correctly set for the input field, resulting in the typed password being saved to the keyboard dictionary. This vulnerability affects Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| opensuse | leap | 15.2 |
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-667,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 81.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| opensuse | leap | 15.2 |
By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| opensuse | leap | 15.2 |
When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function APZCTreeManager::ComputeClippedCompositionBounds did not follow iterator invalidation rules. This vulnerability affects Firefox < 81, Thunderbird < 78.3, and Firefox ESR < 78.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| opensuse | leap | 15.2 |
An OAuth session fixation vulnerability existed in the VPN login flow, where an attacker could craft a custom login URL, convince a VPN user to login via that URL, and obtain authenticated access as that user. This issue is limited to cases where attacker and victim are sharing the same source IP and could allow the ability to view session states and disconnect VPN sessions. This vulnerability affects Mozilla VPN iOS 1.0.7 < (929), Mozilla VPN Windows < 1.2.2, and Mozilla VPN Android 1.1.0 < (1360).
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | vpn | * |
If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler. This allowed an attacker to successfully probe whether an external protocol handler was registered. This vulnerability affects Firefox < 82.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 82.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a link to an external protocol was clicked, a prompt was presented that allowed the user to choose what application to open it in. An attacker could induce that prompt to be associated with an origin they didn't control, resulting in a spoofing attack. This was fixed by changing external protocol prompts to be tab-modal while also ensuring they could not be incorrectly associated with a different origin. This vulnerability affects Firefox < 82.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| opensuse | leap | 15.1 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| opensuse | leap | 15.2 |
Mozilla developers reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 82.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| chrome | * |
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-770,CWE-770,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux | 7.0 |
| oracle | communications_offline_mediation_controller | 12.0.0.3.0 |
| fedoraproject | fedora | 31 |
| oracle | communications_pricing_design_center | 12.0.0.3.0 |
| fedoraproject | fedora | 32 |
| mozilla | network_security_services | * |
| fedoraproject | fedora | 33 |
| oracle | jd_edwards_enterpriseone_tools | * |
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-565,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-665,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N | 1.6 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field was changed, resulting in a keyboard layout change and the possibility for the software keyboard to remember the typed password. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-212,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 84.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. This vulnerability affects Firefox < 84.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
By attempting to connect a website using an unresponsive port, an attacker could have controlled the content of a tab while the URL bar displayed the original domain. *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what the user was typing, perhaps by suggesting it. This vulnerability affects Firefox < 84.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When an extension with the proxy permission registered to receive <all_urls>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-908,CWE-909,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 19.10 |
When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird < 68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Thunderbird < 68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-312,CWE-459,CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | thunderbird | * |
| canonical | ubuntu_linux | 19.10 |
When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird < 68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-88,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| mozilla | firefox | * |
In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 30 |
| fedoraproject | fedora | 31 |
| fedoraproject | fedora | 32 |
| mozilla | bleach | * |
An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| security@mozilla.org | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | webthings_gateway | * |
A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| security@mozilla.org | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | webthings_gateway | * |
When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document. This vulnerability affects Firefox < 74.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-290,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of the page and credential theft or other attacks. This vulnerability affects Firefox < 74.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-290,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| canonical | ubuntu_linux | 19.10 |
Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bleach | * |
| fedoraproject | fedora | 33 |
bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bleach | * |
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-416,CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox < 75.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.8 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N | 1.3 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-384,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 75.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.7 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | * |
A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary malicious preference values. Control of arbitrary preferences can lead to sufficient compromise such that it is generally equivalent to arbitrary code execution.<br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_esr | * |
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token. This vulnerability affects Firefox for iOS < 25.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 20.04 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| canonical | ubuntu_linux | 19.10 |
| debian | debian_linux | 10.0 |
| opensuse | leap | 15.2 |
Pollbot is open source software which "frees its human masters from the toilsome task of polling for the state of things during the Firefox release process." In Pollbot before version 1.4.4 there is an open redirection vulnerability in the path of "https://pollbot.services.mozilla.com/". An attacker can redirect anyone to malicious sites. To Reproduce type in this URL: "https://pollbot.services.mozilla.com//evil.com/". Affected versions will redirect to that website when you inject a payload like "//evil.com/". This is fixed in version 1.4.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| security-advisories@github.com | 7.4 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N | 2.8 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | pollbot | * |
If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-843,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N | 2.8 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | 2.8 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-281,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-209,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-617,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
One phishing tactic on the web is to provide a link with HTTP Auth. For example 'https://www.phishingtarget.com@evil.com'. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-209,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. Note: This issue is a different issue from CVE-2020-26954 and only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-367,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | bleach | * |
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-326,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 87.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing credentials. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-290,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker (able to make a direct network connection to the victim) to monitor the user's browsing activity and (plaintext) network traffic. This was addressed by providing a visual cue when Devtools has an open network socket. This vulnerability affects Firefox < 87.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have cross-origin permissions. This cross-origin request was made without cookies, so the sensitive information disclosed by the violation was limited to local-network resources or resources that perform IP-based authentication. This vulnerability affects Firefox < 87.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 87.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice's key with an invalid subkey, Thunderbird might subsequently attempt to use the invalid subkey, and will fail to send encrypted email to Alice. This vulnerability affects Thunderbird < 78.9.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N | 1.6 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user ID, or by adding another user ID. If Thunderbird imports and accepts the crafted key, the Thunderbird user may falsely conclude that the false user ID belongs to the correspondent. This vulnerability affects Thunderbird < 78.9.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encryption to fail. This vulnerability affects Thunderbird < 78.9.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-909,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-672,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-681,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-345,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,CWE-697,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type="file">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to. This vulnerability affects Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-682,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 88.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.5 | LOW | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.0 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious library has been copied to a directory that is contained in the search path for executable libraries, then Thunderbird will load the incorrect library. This vulnerability affects Thunderbird < 78.9.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service. *Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.10.1, Firefox < 87, and Firefox ESR < 78.10.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected. Further details are being temporarily withheld to allow users an opportunity to update.*. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Proxy functionality built into Hubs Cloud’s Reticulum software allowed access to internal URLs, including the metadata service. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210428201255.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | hubs_cloud_reticulum | * |
A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions. This vulnerability affects Thunderbird < 78.10.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. This vulnerability affects Thunderbird < 78.10.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS < 34.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. This was only possible if the website kept recording with the microphone until re-enabling the camera. This vulnerability affects Firefox < 89.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox < 89.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-669,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When styling and rendering an oversized `<select>` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. This vulnerability affects Firefox < 89.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-404,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-345,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-610,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 89.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.0.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-552,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-281,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox < 90.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security (which implies that the error should not be override-able.) This issue did not affect the network connections, and they were correctly upgraded to HTTPS automatically. This vulnerability affects Firefox < 90.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This vulnerability affects Firefox < 90.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 90.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VPN < 2.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla_vpn | * |
Hubs Cloud allows users to download shared content, specifically HTML and JS, which could allow javascript execution in the Hub Cloud instance’s primary hosting domain.*. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210618012634.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | hubs_cloud | - |
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-909,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. This vulnerability affects Firefox < 91 and Thunderbird < 91.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox < 91 and Thunderbird < 91.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-772,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. *This bug only affects Firefox on Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91 and Thunderbird < 91.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-307,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.13, Firefox ESR < 78.13, and Firefox < 91.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 90. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 91.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox < 91.0.1 and Thunderbird < 91.0.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-444,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| chrome | * | |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| fedoraproject | fedora | 34 |
Mixed-content checks were unable to analyze opaque origins which led to some mixed content being loaded. This vulnerability affects Firefox < 92.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 92, Thunderbird < 91.1, Thunderbird < 78.14, Firefox ESR < 78.14, and Firefox ESR < 91.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.14, Thunderbird < 78.14, and Firefox < 92.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 91. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 92.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Thunderbird 78.13.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.1 and Firefox ESR < 91.1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers reported memory safety bugs present in Firefox 92. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. This vulnerability affects Thunderbird < 91.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account. *This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacker could forward a connection from the browser to port 443 to port 8443, causing the browser to treat the content of port 8443 as same-origin with HTTP. This was resolved by disabling the Opportunistic Encryption feature, which had low usage. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.
CVSS 2.0
Severity: LOW
Problem Type: CWE-327,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 35 |
| mozilla | thunderbird | * |
| botan_project | botan | * |
| fedoraproject | fedora | 34 |
When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. This vulnerability affects Thunderbird < 91.4.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.<br>*This bug only affects Firefox on MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 95, Firefox ESR < 91.4.0, and Thunderbird < 91.4.0.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | geckodriver | * |
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*<br>*Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in Feburary 2022. This vulnerability affects Firefox < 92.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| starwindsoftware | starwind_virtual_san | v8r13 |
| mozilla | nss_esr | * |
| oracle | communications_cloud_native_core_binding_support_function | 1.11.0 |
| oracle | communications_cloud_native_core_network_repository_function | 1.15.1 |
| netapp | e-series_santricity_os_controller | * |
| oracle | communications_policy_management | 12.6.0.0.0 |
| netapp | cloud_backup | - |
| starwindsoftware | starwind_san_&_nas | v8r13 |
| mozilla | nss | * |
| oracle | communications_cloud_native_core_network_repository_function | 1.15.0 |
| oracle | communications_cloud_native_core_network_slice_selection_function | 1.8.0 |
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities. This vulnerability affects Thunderbird < 91.4.0.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should have access to. This was fixed to provide the pre-redirect URL. This is related to CVE-2021-43532 but in the context of Web Extensions. This vulnerability affects Firefox < 94.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an authentication token used to takeover a user account. If a website tricked a user into copy and pasting the image link back to the page, the page would be able to steal the authentication tokens. This was fixed by making the action return the original URL, before any redirects. This vulnerability affects Firefox < 94.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing. This vulnerability affects Firefox < 94.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.3, and Firefox ESR < 91.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-704,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox < 95.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-209,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-834,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1021,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | vpn | * |
It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | pollbot | * |
Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A might be shown with the security status of message B. This vulnerability affects Thunderbird < 91.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) introduced, relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks if it starts with __proto__ or this.constructor.prototype. To bypass this check it's possible to prepend the dangerous paths with any string value followed by a dot, like for example foo.__proto__ or foo.this.constructor.prototype.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| report@snyk.io | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-1321,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | convict | * |
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The package convict before 6.2.2 are vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey. **Note:** This vulnerability derives from an incomplete fix of another [vulnerability](https://security.snyk.io/vuln/SNYK-JS-CONVICT-1062508)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| report@snyk.io | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-1321,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | convict | * |
An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email's date will be shown. If the dates were different, then Thunderbird didn't report the email as having an invalid signature. If an attacker performed a replay attack, in which an old email with old contents are resent at a later time, it could lead the victim to believe that the statements in the email are current. Fixed versions of Thunderbird will require that the signature's date roughly matches the displayed date of the email. This vulnerability affects Thunderbird < 102 and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | 101.0 |
| mozilla | thunderbird | * |
If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.<br>*This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.<br>*This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. <br>*This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.*. This vulnerability affects Firefox < 97.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Web-accessible extension pages (pages with a moz-extension:// scheme) were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it should not be possible. This vulnerability affects Firefox < 96, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox < 98.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If an attacker could control the contents of an iframe sandboxed with <code>allow-popups</code> but not <code>allow-scripts</code>, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 98.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The sourceMapURL feature in devtools was missing security checks that would have allowed a webpage to attempt to include local files or other files that should have been inaccessible. This vulnerability affects Firefox < 99.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
SVG's <code><use></code> element could have been used to load unexpected content that could have executed script in certain circumstances. While the specification seems to allow this, other browsers do not, and web developers relied on this property for script security so gecko's implementation was aligned with theirs. This vulnerability affects Firefox < 99.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
In unusual circumstances, selecting text could cause text selection caching to behave incorrectly, leading to a crash. This vulnerability affects Firefox < 99.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 91.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse `Host` HTTP header (`Hawk.utils.parseHost()`), which was subject to regular expression DoS attack - meaning each added character in the attacker's input increases the computation time exponentially. `parseHost()` was patched in `9.0.1` to use built-in `URL` class to parse hostname instead. `Hawk.authenticate()` accepts `options` argument. If that contains `host` and `port`, those would be used instead of a call to `utils.parseHost()`.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| security-advisories@github.com | 7.4 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H | 2.8 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,CWE-1333,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | hawk | * |
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.<br>*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user-activation</code> could lead to script execution without <code>allow-scripts</code> being present. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird < 91.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 100.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in the document. This bug doesn't affect users who have changed the default Message Body display setting to 'simple html' or 'plain text'. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the received file was an application and the user attempted to open it, then the application was started immediately without asking the user to confirm. This vulnerability affects Thunderbird < 102.3.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
On arm64, WASM code could have resulted in incorrect assembly generation leading to a register allocation problem, and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attacker could have exploited a timing attack by sending a large number of allowCredential entries and detecting the difference between invalid key handles and cross-origin key handles. This could have led to cross-origin account linking in violation of WebAuthn goals. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If array shift operations are not used, the Garbage Collector may have become confused about valid objects. This vulnerability affects Firefox < 101.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 101.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Session history navigations may have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior version. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The HTML Sanitizer should have sanitized the <code>href</code> attribute of SVG <code><use></code> tags; however it incorrectly did not sanitize <code>xlink:href</code> attributes. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
SVG <code><use></code> tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the parser accepting malformed ASN.1. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an integer overflow could have occurred when the number of elements to replace was too large for the container. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34483. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from CVE-2022-34482. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 101.0 |
| mozilla | firefox | 101.0.1 |
A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | network_security_services | * |
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of previously cached entries with incorrect, different integrity metadata. This vulnerability affects Firefox < 103.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 103.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 103.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A website that had permission to access the microphone could record audio without the audio notification being shown. This bug does not allow the attacker to bypass the permission prompt - it only affects the notification shown once permission has been granted.<br />*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 104.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox < 104.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A vulnerability was found in davidmoreno onion. It has been rated as problematic. Affected by this issue is the function onion_response_flush of the file src/onion/response.c of the component Log Handler. The manipulation leads to allocation of resources. The name of the patch is de8ea938342b36c28024fd8393ebc27b8442a161. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-214028.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| onion_project | onion | * |
| mozilla | firefox | - |
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via `performance.getEntries()`. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the `ThirdPartyUtil` component. This vulnerability affects Firefox < 106.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Freeing arbitrary <code>nsIInputStream</code>'s on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If an attacker loaded a font using <code>FontFace()</code> on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When a ServiceWorker intercepted a request with <code>FetchEvent</code>, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access to authorization headers and cookies inaccessible to JavaScript (such as cookies protected by HTTPOnly). To mitigate this attack, browsers placed limits on <code>fetch()</code> and XMLHttpRequest; however some webservers have implemented non-standard headers such as <code>X-Http-Method-Override</code> that override the HTTP method, and made this attack possible again. Thunderbird has applied the same mitigations to the use of this and similar headers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was performed, regardless of a configuration to block remote content. An image loaded from the POSTER attribute was shown in the composer window. These issues could have given an attacker additional capabilities when targetting releases that did not yet have a fix for CVE-2022-3033 which was reported around three months ago. This vulnerability affects Thunderbird < 102.5.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When downloading an HTML file, if the title of the page was formatted as a filename with a malicious extension, Firefox may have saved the file with that extension, leading to possible system compromise if the downloaded file was later ran. This vulnerability affects Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk for websites visited in Private Browsing Mode. This would not have persisted them in a state where they would run again, but it would have leaked Private Browsing Mode details to disk. This vulnerability affects Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document. This vulnerability affects Firefox < 108.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.<br/>*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105. This vulnerability affects Firefox ESR < 102.6, Firefox < 105, and Thunderbird < 102.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. *Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Mozilla Convict. This allows an attacker to inject attributes that are used in other components, or to override existing attributes with ones that have incompatible type, which may lead to a crash. The main use case of Convict is for handling server-side configurations written by the admins owning the servers, and not random users. So it's unlikely that an admin would deliberately sabotage their own server. Still, a situation can happen where an admin not knowledgeable about JavaScript could be tricked by an attacker into writing the malicious JavaScript code into some config files. This issue affects Convict: before 6.2.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | convict | * |
Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird < 102.7.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affects Thunderbird < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache ), this means a user running the sccache client can get root privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | sccache | * |
Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject cross site scripting payloads using the backslash \ character.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | nunjucks | * |
A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the `file://` context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefox < 109.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to `DataTransfer.setData`. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 109.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Regular expressions used to filter out forbidden properties and values from style directives in calls to `console.log` weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A duplicate `SystemPrincipal` object could be created when parsing a non-system html document via `DOMParser::ParseFromSafeString`. This could have lead to bypassing web security checks. This vulnerability affects Firefox < 109.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox < 110.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An invalid downcast from `nsHTMLDocument` to `nsIContent` could have lead to undefined behavior. This vulnerability affects Firefox < 110.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
After downloading a Windows <code>.scf</code> script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox < 110.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | - |
Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 110.1.0.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 111.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. <br>*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 111.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox < 111.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from different sources, such as in a download directory. This vulnerability affects Firefox < 111.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. *This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</code> assignments, and <code>setInterval</code> calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
| mozilla | firefox | * |
Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | focus | * |
Under specific circumstances a WebExtension may have received a <code>jar:file:///</code> URI instead of a <code>moz-extension:///</code> URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | focus | * |
When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
Using a redirect embedded into <code>sourceMappingUrls</code> could allow for navigation to external protocol links in sandboxed iframes without <code>allow-top-navigation-to-custom-protocols</code>. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | focus | * |
Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | focus | * |
If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | focus | * |
Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
| mozilla | firefox | * |
When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
Under certain circumstances, a call to the <code>bind</code> function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | focus | * |
Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | focus | * |
Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | focus | * |
In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox < 113.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox < 113.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. In certain circumstances it might have been possible to cause a document to be loaded with a higher privileged principal than intended. This vulnerability affects Firefox < 113.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged to trigger a denial of service. *Note: This attack only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a site with a certificate error and made the renderer extremely busy at the same time, it could create a gap between when the error page was loaded and when the display actually refreshed. With the right timing the elicited clicks could land in that gap and activate the button that overrides the certificate error for that site. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When choosing a site-isolated process for a document loaded from a data: URL that was the result of a redirect, Firefox would load that document in the same process as the site that issued the redirect. This bypassed the site-isolation protections against Spectre-like attacks on sites that host an "open redirect". Firefox no longer follows HTTP redirects to data: URLs. This vulnerability affects Firefox < 114.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 114.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A website could prevent a user from exiting full-screen mode via alert and prompt calls. This could lead to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | vpn | * |
Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data flows to a path expression (path of a network request). This issue may lead to reflected Cross-Site Scripting (XSS) in the context of Common Voice’s server origin. As of time of publication, it is unknown whether any patches or workarounds exist.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| security-advisories@github.com | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | common_voice | 1.88.2 |
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's key. The issue was fixed by implementing the implicit rejection algorithm, in which the NSS returns a deterministic random message in case invalid padding is detected, as proposed in the Marvin Attack paper. This vulnerability affects NSS < 3.61.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | nss | * |
When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 3.9 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox < 117.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.1 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.6 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 37 |
| chrome | * | |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| microsoft | edge | * |
| fedoraproject | fedora | 38 |
| microsoft | teams | 1.6.00.26463 |
| microsoft | teams | 1.6.00.26474 |
| debian | debian_linux | 10.0 |
| bandisoft | honeyview | * |
| microsoft | teams | * |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| fedoraproject | fedora | 39 |
| webmproject | libwebp | * |
| microsoft | webp_image_extension | * |
| microsoft | edge_chromium | * |
| bentley | seequent_leapfrog | * |
| debian | debian_linux | 11.0 |
| microsoft | webp_image_extension | 1.0.62681.0 |
| netapp | active_iq_unified_manager | - |
An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the `referrerpolicy` attribute. This vulnerability affects Firefox for iOS < 120.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information. This vulnerability affects Firefox for iOS < 120.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the message date and time, and displayed a valid signature despite a date or time mismatch. This could be used to give recipients the impression that a message was sent at a different date or time. This vulnerability affects Thunderbird < 115.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the first paragraph was always treated as an email header section. A digitally signed text from a different context, such as a signed GIT commit, could be used to spoof an email message. This vulnerability affects Thunderbird < 115.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| fedoraproject | fedora | 39 |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.4 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | 2.8 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| fedoraproject | fedora | 39 |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. *This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 37 |
| mozilla | firefox_focus | * |
| chrome | * | |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| webmproject | libvpx | * |
| apple | iphone_os | * |
| apple | ipados | 16.7 |
| redhat | enterprise_linux | 9.0 |
| fedoraproject | fedora | 38 |
| debian | debian_linux | 10.0 |
| apple | ipados | * |
| mozilla | firefox | * |
| microsoft | edge_chromium | 116.0.5845.229 |
| apple | ipad_os | * |
| mozilla | thunderbird | * |
| fedoraproject | fedora | 39 |
| apple | ipad_os | 16.7 |
| microsoft | edge | 117.0.2045.47 |
| microsoft | edge_chromium | 117.0.5938.132 |
| debian | debian_linux | 11.0 |
| apple | iphone_os | 16.7 |
| microsoft | edge | 116.0.1938.98 |
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker with temporary script access to a site could have set a cookie containing invalid characters using `document.cookie` that could have led to unknown errors. This vulnerability affects Firefox < 119.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing attack. This vulnerability affects Firefox < 119.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Firefox < 120.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox < 120.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. *This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox. *This issue only affects Android versions of Firefox and Firefox Focus.* This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_focus | - |
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 121.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| debian | debian_linux | 12.0 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 10.0 |
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS < 129.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | - |
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. This vulnerability affects Firefox < 126.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. *This bug only affects the application when running on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. This vulnerability affects Firefox < 133, Thunderbird < 133, Firefox ESR < 128.7, and Thunderbird < 128.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows `phKey` to be NULL for certain mechanisms. This vulnerability affects Firefox < 133 and Thunderbird < 133.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
When opening a website using the `firefox://` protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox < 123.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 123.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. This vulnerability affects Focus for iOS < 122.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. While this update fixes the bug and avoids future message contamination, it does not automatically repair existing contaminations. Users are advised to use the repair folder functionality, which is available from the context menu of email folders, which will erase incorrect subject assignments. This vulnerability affects Thunderbird < 115.8.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. This vulnerability affects Firefox ESR < 115.9 and Thunderbird < 115.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page. This vulnerability affects Firefox for iOS < 123.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme. This vulnerability affects Firefox for iOS < 123.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting (UXSS) on a victim website, if the victim had a link to the attacker's website. This vulnerability affects Focus for iOS < 123.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address This vulnerability affects Firefox for iOS < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS < 129.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 |
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| open-xchange | open-xchange_appsuite_frontend | * |
| debian | debian_linux | 10.0 |
The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox < 126.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure. This vulnerability affects Firefox for iOS < 133.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the `Referer` and `Sec-*` headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. This vulnerability affects Firefox < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| debian | debian_linux | 10.0 |
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. This vulnerability affects Firefox < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. This vulnerability affects Firefox < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| debian | debian_linux | 10.0 |
A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. This vulnerability affects Firefox < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | firefox_esr | * |
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 129.0 |
| mozilla | firefox_esr | * |
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 129.0 |
| mozilla | firefox_esr | * |
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | thunderbird | 129.0 |
| mozilla | firefox_esr | * |
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
| mozilla | firefox_esr | * |
| mozilla | thunderbird | 131.0 |
| debian | debian_linux | 11.0 |
The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.7 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L | 2.2 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A race during concurrent delazification could have led to a use-after-free. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability affects Firefox < 135 and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox < 135 and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135 and Thunderbird < 135.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press This vulnerability affects Focus for iOS < 143.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L | 2.8 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Same-origin policy bypass in the Layout component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 143 and Thunderbird < 143.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability affects Firefox < 143 and Thunderbird < 143.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the JavaScript: GC component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Integer overflow in the SVG component. This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the Site Permissions component. This vulnerability affects Firefox < 143 and Thunderbird < 143.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability affects Firefox < 143.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Information disclosure in the Networking: Cache component. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird < 140.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs This vulnerability affects Firefox for iOS < 143.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability affects Firefox < 143.0.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 3.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 143.0.3.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in MediaTrackGraphImpl::GetInstance() This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 144, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox < 144 and Thunderbird < 144.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox < 144.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event This vulnerability affects Firefox < 144.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox < 144 and Thunderbird < 144.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This vulnerability affects Firefox < 144.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 144 and Thunderbird < 144.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox < 144.0.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 145 and Thunderbird < 145.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N | 1.6 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the DOM: Notifications component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146 and Thunderbird < 146.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146, Thunderbird < 146, and Firefox ESR < 140.7.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Thunderbird < 146.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability affects Firefox for iOS < 144.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 146.0.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146.0.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H | 2.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking. This vulnerability affects Firefox < 136.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 3.9 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N | 1.3 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L | 2.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L | 2.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.4 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:L | 1.6 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox < 137.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N | 2.2 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage This vulnerability affects Focus < 138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox ESR < 128.10, Firefox ESR < 115.23, and Thunderbird < 128.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.7 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox < 138 and Thunderbird < 138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N | 2.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.* This vulnerability affects Firefox < 138 and Thunderbird < 138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox < 138 and Thunderbird < 138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 138 and Thunderbird < 138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 139 and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L | 1.3 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. *This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L | 1.3 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11 and Thunderbird < 128.11.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox < 139 and Thunderbird < 139.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability affects Firefox < 139 and Thunderbird < 139.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139 and Thunderbird < 139.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects Firefox for iOS < 142 and Focus for iOS < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
| mozilla | firefox | * |
Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks This vulnerability affects Focus for iOS < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS attacks This vulnerability affects Focus for iOS < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox_focus | * |
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.28.0 < (macOS).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | vpn | * |
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. This vulnerability affects Thunderbird < 128.11.1 and Thunderbird < 139.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The executable file warning did not warn users before opening files with the `terminal` extension. *This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 3.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 140 and Thunderbird < 140.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | neqo | * |
On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability affects Firefox < 141 and Thunderbird < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141 and Thunderbird < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 141.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR < 140.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142 and Thunderbird < 142.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If the user had additionally allowed loading of the remote content referenced by the outer email message, and the email was crafted by the sender using a combination of CSS rules and fonts and animations, then it was possible to extract the secret contents of the email. This vulnerability affects Thunderbird < 147.0.1 and Thunderbird < 140.7.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N | 1.6 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape in the Messaging System component. This vulnerability affects Firefox < 147 and Thunderbird < 147.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Information disclosure in the Networking component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Information disclosure in the XML component. This vulnerability affects Firefox < 147 and Thunderbird < 147.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Denial-of-service in the DOM: Service Workers component. This vulnerability affects Firefox < 147 and Thunderbird < 147.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147 and Thunderbird < 147.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 147.0.2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects Firefox < 147.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability affects Firefox for iOS < 147.4.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.2 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.6 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148 and Thunderbird < 148.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox < 148.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | thunderbird | * |
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H | 3.9 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H | 3.9 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the IPC component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Undefined behavior in the Audio/Video component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Denial-of-service in the XML component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Denial-of-service in the Libraries component in NSS. This vulnerability affects Firefox < 149 and Thunderbird < 149.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 149 and Thunderbird < 149.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149 and Thunderbird < 149.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability affects Firefox < 149.0.2, Firefox ESR < 140.9.1, Thunderbird < 149.0.2, and Thunderbird < 140.9.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2, Firefox ESR < 140.9.1, Thunderbird < 149.0.2, and Thunderbird < 140.9.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149.0.2 and Thunderbird < 149.0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |
Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | * |
| mozilla | thunderbird | * |